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NEC’s  Unified  Communications  provide  a  dynamic  and  realistic  connection  among 
individuals,  devices,  applications,  and  data.  Based  on  a  combination  of  innovative 
technologies  and  advanced  solutions,  its  mobility  and  flexibility  enables  people  to 
experience  greater  efficiency  and  productivity  -  in  any  industry. 

Integrated  IT  and  networking  solutions  like  these  have  made  NEC  a  world  leader, 
and  your  reliable  business  partner. 

Regardless  of  the  communications  solution  your  business  demands,  you  are 
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Patch  Tuesday 
strikes  again 

Microsoft  last  week 
issued  four  critical 
patches  to  close  10 
vulnerabilities.  Platforms 
affected  include  Active 
Directory,  Internet  Explorer,  Host 
Integration  Server  and  Excel.  In  all, 
Microsoft  issued  11  patches.  In  addi¬ 
tion  to  the  four  that  were  critical,  six 
were  listed  as  important  and  one  as 
moderate. 


Sadly,  Enron’s  back  in  the  news 
You  can  add  fraudulently  marketing  its 
broadband  services  to  Enron's  lengthy 
list  of  crimes.The  Justice  Department 
announced  last  week  that  Joseph  Hirko, 
the  former  co-CEO  of  Enron  Broad¬ 
band  services,  has  pleaded  guilty  to 
one  count  of  wire  fraud  before  the  U.S. 
district  court  in  Houston. 


Intel’s  record  quarter!  Up  1%! 

Intel  CEO  Paul 
Otellini  last  week 
crowed  about  his 
company’s  record 
$10.2  billion  third- 
quarter  rev¬ 
enue.  Of 
course,  that 
doesn’t  sound 
so  impressive 
when  you  realize 
it’s  just  a  1%  increase 
over  last  year’s  Q3 
revenue. 


IT  Roadmap: 

Security  and  compliance 

Today’s  hyperconnected  enterprises 
require  technologies,  strategies  and 
architectures  not  even  imagined  in  the 
wired  world.  Learn  more  about  an 
always-on  defense  that’s  active,  re¬ 
sponsive,  realistic  and  fully  compliant. 
Attend  IT  Roadmap:  Washington,  D.C., 
on  Dec.  16.  Qualify  to  attend  free  at: 
www.nwdocfinder.com/6821 
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Ethernet  standards  concision 

Cisco,  others  roll  out  pre-standard  gear  and  see  need  to  go  beyond  specs 


BY  JIM  DUFFY 

Even  though  strides  are  being  made  to  de¬ 
fine  standards  for  extending  Ethernet  to  han¬ 
dle  data  center  applications,  these  advances 
will  not  be  a  panacea,  vendors  say 

Proprietary  extensions  to  those  standards, 
which  are  being  defined  by  the  IEEE  and 
Technical  Committee  Til  of  the  Inter- 
National  Committee  for  Information  Tech¬ 
nology  Standards,  will  still  be  required  in 
order  to  address  customer  requirements  for 
data-center-optimized  Ethernet.  Additionally, 
vendor  marketing  may  confuse  the  issue 
even  more,  because  some  have  adopted  dif¬ 
ferent  acronymic  brands  that  essentially 
refer  to  the  same  technology. 

“The  biggest  [snag]  is,  what  do  we  call  it?” 
says  Steve  Garrison,  vice  president  of  market¬ 
ing  for  Force  10  Networks,  one  of  a  group  of 
vendors  driving  standards  for  Converged  En¬ 
hanced  Ethernet  (CEE),  an  extended  version 
of  Ethernet  for  data  center  applications.  Cisco 
participates  in  the  CEE  standards  efforts, 
though  it  refers  to  the  technology  as  Data 
Center  Ethernet  (DCE) 

“What  customers  really  want  right  now  is 
education,”  Garrison  says.  “Is  this  acronym 
proprietary?  Is  it  a  unified  push  among 
many  vendors?” 

A  new  kind  of  Ethernet 

CEE  and  DCE  describe  an  enhanced 
Ethernet  that  will  enable  convergence  of  LAN, 
storage-area  network  and  high-performance 
computing  applications  in  data  centers  onto  a 
single  Ethernet  interconnect-fabric.  Currently 
these  applications  have  separate  interconnect 
technologies,  including  Fibre  Channel,  Infini¬ 
Band  and  Myrinet. 

This  forces  users  and  server  vendors  to 
support  multiple  interconnects  to  attach 
servers  to  the  various  networks,  a  situation 
that  is  costly,  energy  and  operationally  ineffi¬ 
cient,  and  difficult  to  manage.  So  many  in 
the  industry  —  Brocade  Communications, 
EMC,  NetApp,  Emulex,  Fujitsu,  IBM,  Intel,  Sun 
and  Woven  Systems,  in  addition  to  Cisco  and 
Force  10  —  are  proposing  Ethernet  as  a  sin¬ 
gle,  unified  interconnect  fabric  for  the  data 
center  because  of  its  ubiquity,  familiarity, 
cost  and  speed  advances:  lOGbps  now,  even¬ 
tually  increasing  to  40G  and  lOOGbps. 

But  in  its  current  state,  Ethernet  is  not  opti¬ 
mized  to  provide  the  service  required  for  stor¬ 
age  and  high-performance  computing  traffic 


Inside  the  new  Ethernet 


Key  components  of  converged 
enhanced/data-center  Ethernet. 

FCoE:  Fibre  Channel  over  Ethernet  — 
emergingTII  standard  for  tunneling 
Fibre  Channel  storage  traffic  through 
Ethernet.  Attempts  to  map  deterministic 
Fibre  Channel  transmission  to  Ethernet. 

802.1Qau  —  emerging  IEEE  standard  for 
adding  congestion  notification  to 
Ethernet. 

802.1Qaz  —  emerging  IEEE  standard  for 
adding  enhanced  transmission  selection 
to  Ethernet. 

802.1Qbb  —  emerging  IEEE  standard  for 
adding  priority-based  flow  control  to 
Ethernet. 

40G/100Gbps  —  higher  Ethernet  speeds 
optimal  for  data-center  applications. 


—  speed  alone  won’t  cut  it,  vendors  say  Ether¬ 
net,  which  drops  packets  when  traffic  conges¬ 
tion  occurs,  needs  to  evolve  into  a  low-latency 
“lossless”  transport  technology  with  congestion 
management  and  flow-control  features,  CEE 
and  DCE  backers  say 

“You  need  to  make  sure  Ethernet  will  be¬ 
have  in  the  same  way  as  Fibre  Channel  itself,” 
says  Claudio  DeSanti,  a  technical  leader  in 
Ciscos  Storage  Technology  group.  DeSanti  is 
vice  chair  of  T1 1  and  technical  editor  of  the 
IEEE’s  802.1Qbb  priority-based  flow-control 
project  within  the  Data  Center  Bridging 
(DCB)  task  group. 

Til’s  Fibre  Channel  over  Ethernet  (FCoE) 
defines  the  mapping  of  Fibre  Channel  frames 
over  Ethernet  so  storage  traffic  can  be  con¬ 
verged  onto  a  lOGbps  Ethernet  network.The 
IEEE’s  DCB  task  force  is  defining  three  stan¬ 
dards  —  802.1Qau  for  congestion  notification, 
Qaz  for  enhanced  transmission  selection,  and 
Qbb  for  priority-based  flow  control. 

Where  Ethernet  standards  fall  short 

Vendors  say  these  standards  should  be  solid 
enough  to  implement  on  products  and  deploy 


in  data  centers  in  late  2009  or  early  20 10.  The 
DCB  standards  will  be  final  in  March  2010,  four 
months  later  than  initially  planned  due  to 
some  outstanding,  but  not  insurmountable 
issues,  according  to  Pat  Thaler,  chair  of  the  DCB 
Task  Group  in  the  IEEE. 

But  some  leading-edge  customers  need  a 
pre-standard,  lossless  Ethernet  implementation 
now,  vendors  say;  and  even  when  these  stan¬ 
dards  are  complete,  they  will  be  incomplete, 
others  say 

“A  particular  area  where  we  feel  these  stan¬ 
dards  don’t  really  address  is  the  avoidance  of 
congestion  —  primarily  with  respect  to  load¬ 
balancing  traffic  first  before  we  rate-limit  traffic 
at  the  source,”  says  Bert  Tanaka,  vice  president 
of  engineering  for  Woven.  “Qau  and  Qbb 
attempt  to  avoid  congestion  by  slowing  traffic 
from  the  source.  But  what  we  feel  that  they 
don’t  do  is  they  don’t  actually  try  to  avoid  con¬ 
gestion  by  balancing  traffic  in  the  fabric.That  is 
where  we  plan  to  couple  [the  standards]  with 
our  own  technology’ 

Tanaka  also  says  the  DCB  and  FCoE  stan¬ 
dards  are  limited  in  their  ability  to  scale  to 
large  networks. 

“They  are  really  targeted  for  a  fairly  small 
fabric  —  maybe  hundreds  of  nodes, "Tanaka 
says.“But  if  you’re  trying  to  scale  to  multiple 
hops  and  larger  fabrics,  it’s  not  clear  it  would 
scale  to  something  like  that.  FCoE  ...  is  look¬ 
ing  to  a  more  constrained  network  size.  It 
may  not  scale  to  the  network  the  size  of 
Google.” 

Thaler  says  no  one  ever  proposed  load  bal¬ 
ancing  or  congestion  avoidance  for  inclusion 
in  the  DCB  standards. 

“I  don’t  know  any  networks  that  have  stan¬ 
dardization  for  load  balancing,”  she  says. 
“Switch  vendors  like  to  keep  that  as  their  secret 
sauce.” 

And  she  disagrees  with  Tanaka’s  assertions 
that  the  standards  will  not  scale:  “1  think  that’s 
(referring  to)  congestion  notification  but  I 
don’t  entirely  agree  with  that.” 

Tanaka  says  Woven  and  other  switch  and 
host-adapter  vendors  have  implemented  a  pre¬ 
standard  versions  of  Qbb  to  address  the  limita¬ 
tions  of  the  standards  as  well  as  current  market 
demand. Woven  plans  to  comply  with  the  stan¬ 
dard  once  it  is  complete  but  also  extend  be¬ 
yond  it,  he  says. 

Separately,  Cisco  is  shipping  pre-standard 
DCE  technology  on  its  products,  such  as  the 

See  Ethernet  page  48 
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Booking  it  on  data  breaches 

Re:World  Bank  denies  report  of  massive  data 
breaches  (www.nwdocfinder.com/7136): 

These  data  breaches  and  thefts  are  due  to 
a  lagging  business  culture.  As  CIO,  I’m  al¬ 
ways  looking  for  ways  to  help  my  team, 
business  teams,  and  ad  hoc  measures  of 
various  vendors,  contractors  and  internal 
team  members.  A  book  that  is  required 
reading  is  l.T.  Wars: 

Managing  the 

Business-Technology 
Weave  in  the  New 
Millennium 
(www.nwdocfind- 
er.com/7137).  It  has 
a  great  chapter 
regarding  security 
(among  others). 

Particularly  when 
entertaining  bids  for 
projects,  we  ask  potential  solutions  partners  to 
review  relevant  parts  of  the  book,  and  it  en¬ 
sures  that  these  agencies  understand  our  val¬ 
ues  and  practices. 

The  author,  David  Scott,  has  an  interview 
(www.nwdocfinder.com/7138)  that  is  a  great 
exposure. 

John  Franks 

Discuss  at  www.nwdocfinder.com/7139 

Good  idea,  poor  execution 

Re:  Arrogance  or  efficiency?  Why  Microsoft 
redesigned  the  Office  user  interface,  Part  1 
(www.  nwdocfinder.  com/7 1 40) : 

As  I  recall,  the  reason  MS  did  the  new  user 
interface  was  that  they  were  getting  a  lot  of  re¬ 
quests  (about  90%)  that  certain  features  be 
added  that  turned  out  to  already  be  in  the 
software.  So,  the  intent  was  to  better  expose 
some  of  the  buried  functionality  Apparently, 
they  didn’t  do  that  good  of  a  job. 

Morris  Cox 

Discuss  at  www.nwdocfinder.com/7141 

Social-networking  safety  tips 

Re:  12  tips  for  social  networking  (www.nw 
docfinder.com/7142): 

A  one-liner  synthesizing  much  of  the  article 


would  be, “When  in  doubt  don’t  post  it”  or  “Be 
paranoid,  be  very  paranoid.” 

Another  consideration  for  social  networks 
is  whether  you  and  your  contacts  consider  it 
to  be  more  of  a  professional  social  network 
or  a  network  among  buds.  Better  to  have  two 
(I’m  excluding  Linkedln  from  this)  than  to 
think  one  will  suffice). 

At  an  academic  networking  function  I  re¬ 
cently  attended,  more 
than  one  recent  grad 
in  the  audience 
looked  disappointed 
when  a  lecturer  rec¬ 
ommended  they 
start  fresh  with  a  new 
social-networking 
account  rather  than 
just  extending  their 
use  of  the  one  they 
were  using  in  college. 
Craig  Kensek 
Discuss  at  www.nwdocfinder.com/7143 


No  Wi-Fi?  No  sale! 

Re:  BlackBerry  Storm:  Why  no  Wi-Fi?  (www. 
nwdocfinder.com/7 1 44) : 

I  was  holding  off  switching  our  company’s 
400+  cell-phone  account  to  AT&T,  on  just  one 
issue  that  was  most  important  to  our  employ¬ 
ees  and  management  —  Wi-Fi. 

Now  that  we’ve  heard  for  sure  Verizon  and 
Vodafone  are  not  including  this  must-have, 
basic  feature  for  2008,  we’re  signing  with  AT&T. 

The  cost  savings  alone  for  the  first  year  on 
the  data  plan  (because  of  no  Wi-Fi)  will  pay 
for  the  switch.  Verizon  and  Vodafone  are  very 
shortsighted  and  greedy  —  trying  to  force 
everyone  onto  their  overpriced  data  plan. 

It  makes  our  decision  easy:  No  Wi-Fi?  No  sale! 

Kevin  Greene 

I’ve  been  patiently  waiting  for  the  iPhone 
killer.  I  don’t  need  a  BlackBerry  if  it  won’t  live 
up  to  my  needs.  My  Verizon  contract  runs  out 
end-of-year.I’ll  definitely  move  to  Sprint  if  Wi-Fi 
is  not  made  available.  Sprint  offers  much  more 
for  far  less  cost. 

Ron  Racine 

Discuss  at  www.nwdocfinder.com/7144 
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SIEM’s  like  a  good  idea 

Re:  SIEM  tools  come  up  short  (www.nwdoc 
finder.com/7145): 

Few  people  understand  how  to  integrate 
SIEM  and  see  its  full  potential.  When  done 
properly,  it  is  a  form  of  art  that  delivers  un¬ 
precedented  improvements  across  all  lines  of 
business. 

Matt  Roedell 

Discuss  at  www.nwdocfinder.com/7146 
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WEB  HOSTING  Reseller  js 

VV  LI/  I  IvJ  I  I  I  1  VI  WEB  HOSTING  PACKAGE  PER  MONTH 

FOR  A  YEAR 


Start  Making 
Money  Now  with 
Reseller  Web  Hosting 

Build  your  own  web  hosting  business  with  our 
powerful  reseller  solution.  Unlimited  web  hosting 
FREE  and  without  obligation  for  a  year! 

(Offer  applies  to  the  subscription  fee  only) 

Host  unlimited  websites,  email  and  domain  names  in  our  world-class 
US  data  center  and  resell  everything  under  your  own  brand. 

Ideal  for  web  designers,  developers  and  entrepreneurs. 


★  Unlimited  Websites 

Total  flexibility  -  create  your  own  web  hosting 
solutions  or  resell  our  white-label  plans. 

★  Unlimited  Bandwidth 

Unlike  other  providers,  we  don't  limit  your 
website  traffic  or  charge  you  extra. 

★  Unlimited  Web  Space 

Host  large  websites  knowing  you'll  never  have 
to  pay  for  more  space  again. 

Unlimited  Email 

Resell  unlimited  POP3/IMAP  mailboxes  and  offer 
complete  Hosted  Microsoft  Exchange  solutions. 

Great  Features  and  Benefits 

•  Create  your  own  plans  and  custom  solutions 

•  Load  balanced  Windows  and  Linux  options 

•  Fast  US  web  servers  in  our  world-class  data  center 
Private-label  tools  -  use  your  own  brand  name 

website  for  details 


Unlimited 
Web  Hosting 


Unlimited  Low  Cost  Private-label  100%  US  Based  24/7  Technical 

Email  Domain  Names  Branding  Online  Control  DataCenter  Support 


24/7  Technical  Support 

•  Experts  on  hand  whenever  you  need  them 
17 1  •  24/7  helpline  and  email  support 

SjStW*  In-house  professionals  based  in  the  US 
'  '  •  Comprehensive  reseller  support  website 


The  Flexible  One-Stop  Reseller  Hosting  Package 


Start  Making  Money  Today  at 

www.fasthosts.com 

or  Toll  Free:  1  -  877-  440-5515 

Fasthosts  and  the  Fasthosts  logo  are  trademarks  of  Fasthosts  Internet  Inc 


World  Class  Web  Hosting 
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INTERVIEWS,  THE  COOLEST  TOOLS  AND  MORE 


GADGETS: 


IDG  NEWS  WIRE: 


GADGETS: 


IPhone  app: 
Wikipanion 

The  Wikipanion  app 
makes  it  easy  to  look  up 
information  on  Wiki¬ 
pedia  without  having  to 
open  the  browser  app. 

www.nwdocfinder.com/7165 


Apple  revamps 
laptop  line 

Apple  CEO  Steve  Jobs 
announced  changes  to 
MacBook  Pro,  MacBook 
and  MacBook  Air  lap¬ 
tops  at  Apple's  head¬ 
quarters  in  California. 

www.nwdocfinder.com/71 66 


iPhone  App: 

Evernote 

View  notes,  add  notes 
and  keep  yourself  orga¬ 
nized  right  from  the 
phone. 

www.nwdocfinder.com/7167 
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NEWSLETTERS 


Flood  experience  led  to  better 
disaster  planning 


BLOGOSPHERE 


■  A  virtual  discussion.  Chip  Wenz 
explores  virtualization  on  his  Microsoft 
Training  Insider  blog:  “Among  the  advan¬ 
tages  that  you  receive  by  consolidating  your 
server  can  be  applied  directly  to  your  bottom 
line.  If  you  currently  have  24  servers  in  your 
data  center;  with  virtualization  you  can 
reduce  that  number  to  3.  With  fewer  servers 
to  purchase  and  maintain  the  savings  can 
add  up  pretty  quickly.  Also  because  you  are 
using  fewer  servers  to  do  the  same  amount 
of  work  as  before,  you  will  also  see  a  savings 
on  electricity  and  cooling  in  your  data  cen¬ 
ters."  www.nwdocfinder.com/7152 

■  Patience  is  a  virtue  these  days. 

Andrew  Mikols  offers  three  job  tips  for  tough 
times  on  his  Windows  Job  Market  blog, 
including:  “If  you  are  employed  in  a  failing 
company  or  troubled  sector,  don’t  wait  to  get 
laid  off.  Do  ail  the  things  listed  above  proac¬ 
tively.  It’s  easier  to  find  a  job  when  you  have  a 
job,  so  take  advantage  of  that  before  it's  too 
late.  If  you  are  employed  at  a  stable  company 
that  is  able  to  weather  the  storm,  then  count 
your  blessings  and  don’t  do  something  stupid 
like  leaving  for  a  less  stable  company  and  a 
10%  raise.  I  have  a  friend  who  made  this  mis¬ 
take  a  few  weeks  ago,  and  he  was  laid  off 
from  his  new  company  in  less  than  a  week.  It 
wasn’t  much  fun,  especially  since  he  was  the 
only  wage  earner  for  his  family."  www. 
nwdocfinder.com/7153 

■  Use  those  tools.  On  A  World  of  Bytes, 
Curt  Monash  digs  out  a  nugget  on  how  eBay 
improved  its  data  center  efficiency  dramati¬ 
cally  through  standard  server  monitoring 
tools:  “eBay  did  this  in  the  usual  way,  identi¬ 
fying  and  eliminating  bottlenecks.  It  is  inter¬ 
esting  how  they  found  the  bottlenecks.  They 
banged  network  event  data  into  a  data  ware¬ 
house,  then  used  standard  analytic  tools  to 
extract  results.”  www.nwdocfinder.com/ 
7154 

■  At  least  it  means  job  security.  That’s 
Noah  Schiffman’s  conclusion  after  writing  an 
overview,  on  Security  Phreak,  of  the  never- 
ending  problem  of  application  holes: 
“Despite  advances  in  security  and  patch 
management,  little  has  changed  over  time. 
Rapid  progress  in  information  technology 
has  created  innovations  in  access  to 
resources,  provided  rich  platforms  for  cre¬ 
ative  development  and  revolutionized  the 
human  computer  interactive  experience.  Un¬ 
fortunately,  the  competitive  business  pres¬ 
sures  of  release-to-market  deadlines  pro¬ 
duce  products  deficient  in  quality  assurance 
and  inadequate  security  testing."  www. 
nwdocfinder.com/7155 


Tech  exec:  In  2001, Tropical  Storm  Allison 
stalled  over  southeast  Texas  and  dropped 
more  than  35  inches  of  rain  in  the  state  over  a 
span  of  a  week.  The  city  of  Houston  experi¬ 
enced  unprecedented  flooding,  but  especially 
hard  hit  were  the  major  business  and  medical 
districts.  In  addition,  virtually  every  major 
roadway  was  impassible  due  to  high  water. 
Software  company  NetlQ  fell  victim  to 
Allison’s  flood  waters  when  the  bottom  floor 
of  the  company’s  office  building  was  sub¬ 
merged  and  electrical  equipment  was 
destroyed. This  left  the  building  —  and  NetlQ 
—  without  power  for  a  week.Though  the 
company  brought  in  generators  that  would 
power  some  office  equipment  such  as 
phones,  NetlQ  was  forced  to  limp  along  in  a 
reduced  capacity  while  still  trying  to  support 
business  operations.  And  with  the  widespread 
street  flooding,  employees  couldn’t  get  to  the 
office  to  do  their  jobs.  NetIQ’s  vice  president 
of  IT  Dohsung  Yum  vowed  to  have  a  strong 
disaster  recovery/business  continuity  plan  in 
place  for  the  next  emergency.  Hurricane  Rita 
in  2005  gave  him  a  chance  to  practice  the 
plan,  but  Hurricane  Ike  in  2008  proved  to  be 
the  real  test.  On  Sept.  13,  Ike  knocked  out 
power  to  more  than  2.6  million  Houston  area 
businesses  and  residences,  including  the 


building  NetlQ  occupies.This  time, Yum  says, 
his  company  was  prepared. 

www.nwdocfinder.com/7148 

Network  management:  The  economic  tur¬ 
moil  tormenting  Wall  Streeters  is  also  trickling 
down  to  IT  departments.The  recent  deluge  of 
financial  failures  is  causing  enterprise  IT  exec¬ 
utives  to  reconsider  spending  on  new  invest¬ 
ments  and  avoid  hiring  additional  staff  in  the 
coming  months.  For  instance,  a  CIO  Executive 
Board  survey  of  50  IT  leaders  in  September 
revealed  that  61%  are  re-evaluating  2009  bud¬ 
get  plans,  59%  are  putting  nonessential  IT  proj¬ 
ects  on  hold,  54%  are  re-evaluating  IT  project 
plans  to  conserve  cash  and  24%  have  intro¬ 
duced  a  hiring  freeze  in  IT.  IT  managers  are 
being  asked  to  fill  the  void  that  anemic  IT 
budgets  cannot. “As  the  economy  squeezes,  IT 
professionals  are  forced  to  wear  more  hats 
than  they  normally  would.  Systems  adminis¬ 
trators  are  also  e-mail  admins  and  virtualiza¬ 
tion  experts  while  they  dabble  in  FeopleSoft 
systems,”  says  John  Turner,  director  of  net¬ 
works  and  systems,  Brandeis  University. The 
trend  toward  IT  pros  taking  on  more  responsi¬ 
bilities  started  before  the  economy  took  a 
turn  for  the  worst. 
www.nwdocfinder.com/7149 
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THE  BEST  OFFENSE 
AGAINST  ROGUE  APs  IS 
A  SUPERIOR  DEFENSE 


SO  WET 
THE  BES 


)  Motorola  and  AirDefense  have  come  together 


to  secure  your  wireless  enterprise. 


You  know  rogue  APs  are  out  there  -  providing  an  open  door  to  access  your  wireless  enterprise  and  exposing 
precious  data  assets  to  theft  and  misuse  -  but  they're  nearly  impossible  to  distinguish  from  the  thousands  of 
legitimate  neighboring  APs.  Fortunately,  Motorola  and  AirDefense  have  officially  joined  forces  after  a  long  and 


successful  partnership.  That  means  one  call  is  all  it  takes  to  do  what  no  other  security  provider  can:  automatically 
identify  and  exterminate  the  rogue  APs  threatening  your  wireless  enterprise  -  regardless  of  hardware  platform. 

' 

See  how  the  Motorola  AirDefense  Solution  can  help  secure  your  wireless  enterprise. 
Call  (866)  611-9337  or  visit  motorola.com/airdefense 

i  .  I  ,  1  \  t  ",  ‘  > .^;7l 

MOTOROLA  and  the  Stylized  M  Logo  are  registered  in  the  U  S.  Patent  &  Trademark  Office.  All  other  product  of  service  names  are  the, property  of  their  respective 
owners.  ©  Motorola.  Inc.  2008.  AirDefense  and  the  stylized  AirDefense  logo  are  registered  in  the  U.  S.  Patent  and  Trademark  Office.  All  rights  reserved. 
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Google’s  Android  has  its 
own  kill  switch 


Seems  as  though  Googles  Android  has  the  same 
type  of  so-called  remote  kill  switch  that  caused 
such  controversy  for  Apple  and  its  iPhone.  In  the 
Android  Market  terms  of  service,  Google  expressly  says 
that  it  might  remotely  remove  an  application  from  user 
phones.  “Google  may  discover  a  product  that  violates 
the  developer  distribution  agreement  ...  in  such  an 
instance,  Google  retains  the  right  to  remotely  remove 
those  applications  from  your  device  at  its  sole  discre¬ 
tion,”  the  terms,  linked  to  from  the  phone,  read. The  Gl, 
the  first  phone  to  run  the  Android  software  developed 
by  Google,  goes  on  sale  Oct.  22,  and  many  people  are 
getting  their  first  in-depth  look  at  it  because  T-Mobile 
has  loaned  the  devices  to  reporters.  The  Android 
Market  is  the  online  store  accessible  from  the  phone 
where  users  can  download  applications,  www.nw 
docfinder.com/7157 
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FCC  chairman  supports  use  of  ‘white 
spaces’.  Federal  Communications  Com¬ 
mission  Chairman  Kevin  Martin  said  last  week 
that  he  will  support  allowing  conditional  un¬ 
licensed  use  of  the  so-called  “white  spaces” 
television  spectrum.  During  a  press  confer¬ 
ence,  Martin  said  that  he  was  proposing  to  let 
carriers  and  other  vendors  deploy  devices  in 
white  space  spectrum,  which  operates  un¬ 
licensed  at  powers  of  100  milliwatts.  His  pro¬ 
posal  would  also  permit  use  of  white  space 
on  channels  adjacent  to  existing  television 
stations  at  powers  of  up  to  40  milliwatts.  The 
FCC  is  planning  to  officially  vote  on  whether 
to  allow  unlicensed  white  space  use  during 
its  Nov.  4  meeting. The  FCC  and  several  wire¬ 
less  carriers  and  device  manufacturers  spent 
the  summer  testing  devices  that  operate  on 
television  white  spaces,  or  pieces  of  un¬ 
licensed  spectrum  currently  unused  by  televi¬ 
sion  stations  on  the  VHF  and  UHF  frequency 
bands  www.nwdocfinder.com/7158 

Intel  reports  record  Q3  revenue.  Intel 

reported  record  third-quarter  results  last  week, 
posting  revenue  of  $10.2  billion  and  net 
income  of  $2  billion.  Intel’s  revenue  was  up 
1%  and  net  income  up  12%  compared  with 
the  same  quarter  in  2007.  Intel  officials  con¬ 
ceded  that  they  don’t  know  what  impact  the 
current  financial  crisis  will  have  on  customer 
demand  going  forward. They  said  consumers 
and  businesses  may  defer  IT  purchases  be¬ 
cause  of  tighter  credit,  negative  financial  news 
and  lagging  consumer  confidence.  Because  of 
the  uncertainty  in  global  economic  condi¬ 
tions,  Intel  said  it  would  publish  a  mid-quarter 
business  update  on  Dec. 4. This  information 
should  give  the  U.S.tech  industry  a  better  indi¬ 


cation  of  how  the  global  economic  slowdown 
is  affecting  product  demand  during  the  fourth 
quarter.  Intel’s  announcement  comes  on  the 
heels  of  a  strong  performance  by  IBM,  which 
pre-announced  its  quarterly  earnings  last 
week  amid  the  deepening  economic  gloom. 
IBM’s  revenues  were  up  5%  to  $25.3  billion, 
and  its  net  income  was  up  20%  to  $2.8  billion. 
www.nwdocfinder.com/7159 

Cisco  iPrize  goes  to  energy-efficient 
power  grid.  Cisco  is  planning  to  back  tech¬ 
nology  that’s  designed  to  reduce  energy  con¬ 
sumption  within  electrical  grids.Two  stu¬ 
dents  and  a  systems  engineer  came  up  with 
the  idea,  which  won  Cisco’s  iPrize  contest. 
The  winning  idea  will  be  nurtured  by  Cisco 
and,  the  company  hopes,  be  turned  into  a 
billion-dollar  business.  Cisco  is  being  deliber¬ 
ately  vague  about  the  details  of  the  winning 
idea  because  it  wants  to  make  money  off  it, 
as  well  as  discourage  other  from  trying  to 
exploit  it.  But  a  spokesman  says  the  idea 
calls  for  making  electrical  grids  more  effi¬ 
cient  so  less  energy  is  wasted,  efficiency  that 
could  be  pushed  to  homes. The  idea  calls  for 
using  Cisco  infrastructure  in  the  grids  to  pro¬ 
mote  efficiency,  the  spokesman  says.  In  fash¬ 
ioning  the  winning  entry,  Anna  Gossen.a 
computer  science  student  at  the  Karlsruhe 
University  in  Germany,  teamed  up  with  her 
husband  and  brother. 
www.nwdocfinder.com/7160 

Federal  employees  lack  tools  for  mobile 
work.  Federal  employees  are  becoming  more 
mobile,  but  government  agencies  are  missing 
opportunities  to  improve  employees’  produc¬ 
tivity  when  they’re  working  outside  the  office, 


concludes  research  from  the  Telework 
Exchange.  Eighty-two  percent  of  federal  em¬ 
ployees  spend  work  time  outside  of  the  office 
each  month,  the  telework  advocacy  group 
found  in  its  survey  published  last  week. 
Among  those,  42%  telework  at  least  part  time 
and  20%  spend  at  least  a  portion  of  two  days 
per  week  outside  of  the  office.  Among  the 
most  productive  of  these  mobile  employees 
are  those  who  use  a  smartphone  for  work  pur¬ 
poses.  Smartphone-carrying  mobile  employ¬ 
ees  reported  an  average  time  savings/produc¬ 
tivity  gain  of  54  minutes  per  day  But  despite 
the  productivity  advantage,  66%  of  federal 
employees  who  report  some  mobility  do  not 
currently  have  a  smartphone,  the  Telework 
Exchange  found. 
www.nwdocfinder.com/7161 

Ballmer’s  tongue  again  causes  trouble 
for  Microsoft.  Microsoft  late  last  week 
issued  a  statement  saying  it  still  has  no  inter¬ 
est  in  Yahoo  after  CEO  Steve  Ballmer  said 
that  for  shareholders  a  deal  would  make 
economic  sense. The  company  issued  a  terse 
statement  to  media  around  mid-day:“Our 
position  hasn’t  changed.  Microsoft  has  no 
interest  in  acquiring  Yahoo;  there  are  no  dis¬ 
cussions  between  the  companies.”  Ballmer’s 
words  alone  were  a  decent  deal  for  Yahoo 
shareholders,  who  saw  the  stock  rise  $2.19 
per  share  in  just  more  than  60  minutes  fol¬ 
lowing  the  CEO’s  remarks  during  his  appear¬ 
ance  at  the  Gartner  Symposium  in  Florida.  In 
the  same  time  frame,  Microsoft  stock  was  up 
$2. 10.  Ballmer  has  a  history  of  using  his 
tongue  to  nudge  the  stock  market.  In  1999,  he 
told  a  group  of  technology  journalists  that 
tech  stocks  were  overvalued  and  lumped 
Microsoft  in  that  group,  even  saying  the  value 
of  his  company’s  stock  should  be  “less.” 
Microsoft  stock  lost  5.1%  that  day;  it  was  esti¬ 
mated  that  Ballmer  lost  billions  on  paper, 
given  his  stock  holdings  in  the  company 
www.nwdocfinder.com/7162 

Hack  targets  Microsoft  Host 
Integration  Server.  Hackers  have  released 
code  that  could  be  used  to  take  control  of  a 
server  running  Microsoft’s  Host  Integration 
Server  2006,  used  to  connect  mainframe 
applications  to  Windows  PCs.The  software 
was  released  last  week  as  part  of  the 
Metasploit  hacking  toolkit.  Microsoft  released 
a  patch  for  this  flaw  last  week,  as  part  of  its 
monthly  security  updates.The  bug  lies  in  the 
SNA  (Systems  Network  Architecture)  remote 
procedure  call  used  by  the  server  to  commu¬ 
nicate  with  the  mainframe.  Normally,  this  ser¬ 
vice  would  be  blocked  by  a  firewall  and  in  a 
typical  configuration  the  attacker  would  need 
to  have  an  account  on  the  Host  Integration 
Server  in  order  to  launch  the  attack.  However, 
poorly  configured  machines,  such  as  test  sys¬ 
tems,  might  be  vulnerable  to  an  attack. 
www.nwdocfinder.com/7163 
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You  No  Longer  Have  To 

Many  businesses  limit  their  options  when  it  comes 
to  networking.  But  with  HP  ProCurve,  you  can  open 
a  whole  new  range  of  possibilities.  With  secure  and 
reliable  solutions  that  adapt  to  the  changing  needs 
of  your  organization,  you  now  have  the  opportunity  to 
optimize  your  network  for  business  results. 


Network  of  Choice 

You  have  a  choice  at  ProCurve.com/Choice 


ProCurve 

Networking  by  HP 


©  2008  Hewlett  Packard  Development  Company,  L.P. 
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Cybersecurity  threats  multiply 


BY  JOHN  COX 

The  annual  report  from  Georgia  Tech  Inform¬ 
ation  Security  Center  identifies  five  evolving 
cybersecurity  threats, and  the  news  is  not  good. 

GT1SC  interviewed  a  range  of  industry  secur¬ 
ity  experts  to  explore  the  threats  and  the  avail¬ 
able  countermeasures.  The  five  are  malware, 
botnets,  cyberwarfare,  threats  to  VoIP  and 
mobile  devices,  and  the  “evolving  cybercrime 
economy!’ 

In  all  five  areas,  attackers  are  becoming  in¬ 
creasingly  sophisticated,  increasingly  subtle 
and  increasingly  adept  at  exploiting  new  Web 
developments,  such  as  the  rise  of  social  net¬ 
working  sites.  Industry  and  government  need 
to  become  equally  concerted  and  sophisti¬ 
cated  to  contain  these  threats  if  the  Internet  is 
to  be  a  trusted  communications  medium. 

The  just-released  report,  “Emerging  Cyber 
Threats  Report  for  2009:  Mobility  and  Ques¬ 
tions  of  Responsibility  will  Drive  Cyber  Threats 
in  2009  and  Beyond,”  explains  that  malware 
development  expertise  is  rapidly  maturing, 
skills  that  are  perfectly  suited  to  exploit  the 
continued  weaknesses  of  poorly  configured 
Web  sites,  especially  social  networking  sites. 
The  report  cited  Ryan  Naraine, security  evan¬ 
gelist  for  Kaspersky  as  predicting  a  10-fold  in¬ 
crease  in  malware  objects  detected  in  2008. 

“As  cybercriminals  move  beyond  mass-dis- 
tribution-style  phishing  scams,  they  are  learn¬ 
ing  how  to  localize  and  personalize  their 
attacks  for  better  penetration,”  the  GTISC 
report  says.  “Social  networking  sites  like 
MySpace,  Facebook  and  others  will  likely  be 
used  as  delivery  mechanisms  to  get  unsus¬ 
pecting  users  to  a  malicious  Web  site  link  in 
order  to  deliver  malware.” 

As  an  example,  the  report  described  an  ex¬ 
ploit  that  sends  a  Facebook  message  from  one 
friend  to  another,  about  a  YouTube  video,  in¬ 
cluding  a  link  to  the  clip.  The  recipient  clicks 
on  the  link,  sees  a  prompt  to  download  an 
updated  version  of  the  Flash  player  to  run  the 
clip.  When  the  recipient  clicks  on  the  update,  it 
installs  malware  on  his  computer. 

Another  weakness  that  malware  continues  to 
exploit  is  the  delay  in  patching  and  updating 
software  on  enterprise  computers.  Kaspersky’s 
Naraine  says  the  average  corporation  takes 
three  to  five  months  to  apply  a  Windows  patch 
everywhere,  giving  that  much  more  time  for 
malware  programs  and  the  botnets  that  they 
call  into  being  to  take  advantage  of  known 
weaknesses. 

Botnets 

Researchers  at  GTISC  estimate  that  15%  of  on¬ 
line  computers  in  2008  will  become  part  of 
botnets  —  infected  with  code  that  effectively 
puts  them  under  the  control  of  a  remote  bot- 
master.  That’s  up  from  an  estimated  10%  in 
2007. 


One  massive  recent  botnet  was  created  by  an 
18-year-old  New  Zealander. 

Infections  can  occur  even  through  legitimate 
Web  sites,  botnet  delivery  mechanisms  are 
becoming  more  sophisticated  and  subtle,  and 
users  don’t  have  to  actually  do  anything  except 
load  a  Web  page  in  order  to  enable  botnet 
infections. 

Uncovering  bot  communications  is  ex¬ 
tremely  difficult,  according  to  Wenke  Lee,  an 
associate  professor  at  GTISC  and  a  leading  bot¬ 
net  researcher.“It’s  very  difficult  to  filter  bot  traf¬ 
fic  at  the  network  edge  since  it  uses  HTTP  and 
every  enterprise  allows  HTTP  traffic”  Lee  says. 

The  GTISC  report  cites  a  second-quarter  2008 
assessment  by  Panda  Labs,  which  found  10  mil¬ 
lion  bot  computers  were  used  to  distribute 
spam  and  malware  over  the  Internet  every  day 

Cyberwar 

One  of  the  most  troubling  sections  in  the  re¬ 
port  deals  with  cyberwar:  the  deliberate  use  by 
one  nation  of  computer  technology  to  weaken, 
cripple  or  confuse  an  enemy  nation’s  military 
economic  and  infrastructure  assets. 

The  report  cites  the  work  of  Don  Jackson, 
director  of  threat  intelligence  for  Secure  Works, 
in  compiling  research  that  implicates  the 
Russian  government  in  cyberattacks  against 
Georgia  just  a  few  months  ago.  For  example, 
most  Georgian  Internet  traffic  is  routed  through 
Turkey  and  Russia.  As  of  Aug.  10, 2008,  the  day 
after  the  Russian  Air  Force  was  given  the  green 
light  for  air  attacks,  traffic  routed  through 
Turkey  was  almost  completely  blocked,  and  IP 
traffic  through  Russia  “was  slow  and  effectively 
unusable,”  according  to  the  GTISC  report. 

Estonia  faced  cyberattacks  in  2007. 

We  can  expect  such  attacks  to  increase.  Jon 
Ramsey  CTO  for  SecureWorks,  says  there  are 
several  reasons  why:  such  attacks  are  inexpen¬ 
sive  to  mount  compared  with  conventional 
warfighting;  cyberdefenses  are  weak  or  non¬ 
existent;  the  Internet  offers  “plausible  deniabil- 
ity”  for  attackers;  there  are  no  “rules  of  engage¬ 
ment”  to  govern  such  cyberconflicts  among 
nations. 

VoIP  and  mobile  devices 

VoIP  traffic,  like  e-mail,  will  be  targeted  for 
fraud,  theft  and  other  scams.  As  wireless  VoIP 
expands,  denial  of  service  becomes  more  than 
an  inconvenience:  in  the  case  of  a  service  pro¬ 
vider,  an  attacker  could  attempt  to  blackmail 
the  provider  with  widespread  voice  disruption, 
according  to  Tom  Cross,  a  researcher  with  the 
IBM  Internet  Security  Systems  X-Force  team. 

Mobile  devices  will  draw  cybercriminals  as 
the  handhelds  are  used  more  often  for  trans¬ 
acting  business  and  accessing  sensitive  data 
such  as  credit  reports,  according  to  Dave 
Amsteryice  president  of  security  investigations 
for  Equifax.  One  prospect  is  that  smartphones 


will  be  targeted  for  immense  malware  driven 
mobile  botnets. 

The  lack  of  open  security  standards  in  mobil¬ 
ity  is  actually  a  good  thing,  because  it  provides 
industry  players  the  chance  to  develop  and 
apply  them  comprehensively,  an  opportunity 
missed  for  PCs,  according  to  the  report. 

Gybercrime 

Cybercriminals  are  increasingly  professional, 
organized  and  profit-driven,  the  report  says.  It 
notes  that  would-be  criminals  can  buy  lease, 
subscribe  or  pay-as-you-go  to  obtain  the  latest 
in  malware  kits,  complete  with  product  guar¬ 
antees  and  even  service-level  agreements. 
According  to  one  researcher  in  the  report,  a 
few  even  have  multiple-language  customer 
support. 

The  costs  of  cybercrime  to  business  are 
mounting. 

Gunter  Ollmann,  chief  security  strategist  for 
IBM  Internet  Security  Systems,  identifies  three 
tiers  in  this  unfolding  criminal  industry:  low- 
level  criminals  who  buy  and  use  kits  to  execute 
specific  crimes;  skilled  developers,  often  in 
groups,  working  to  develop  new  components 
for  their  commercial  malware-creation  prod¬ 
ucts;  and  “managed  service  providers”  that  can 
apply  and  sustain  malware  attacks  on  a  global 
scale. 

Meeting  these  threats  will  require  a  three¬ 
pronged  initiative,  according  to  GTISC.  ■ 


InBrief 


Ex-Enron  Broadband  exec 
pleads  guilty 

You  can  add  fraudulently  marketing  its 
broadband  services  to  Enron's  lengthy  list  of 
crimes.The  Justice  Department  announced 
last  week  that  Joseph  Hirko,  the  former  co- 
CEO  of  Enron  Broadband  services,  has 
pleaded  guilty  to  one  count  of  wire  fraud 
before  the  U.S.  District  Court  in  Houston. 
Under  a  plea  agreement  reached  between 
Hirko  and  the  court,  the  former  Enron  exec¬ 
utive  will  face  a  sentence  of  up  to  16  months 
in  prison  and  will  have  to  pay  a  fine  up  to 
$250,000.  Additionally,  Hirko  has  pledged  to 
fully  cooperate  with  the  government's  con¬ 
tinued  criminal  investigation  of  Enron 
Broadband  Services  and  to  forfeit  roughly 
$8.7  million  in  restitution  to  former  in¬ 
vestors  through  the  SEC’s  Enron  Fair  Fund. 
Essentially,  Hirko  has  pleaded  guilty  to 
falsely  representing  Enron  Broadband's 
progress  in  deploying  and  activating  its 
broadband  operating  system  in  2000. 
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Beyond  safe 


Preserving  your  data  with  safe,  reliable  media  is  critical.  But  at  Sony, 
bringing  engineering  excellence  to  your  storage  network  is  just  the 
beginning.  Sony  LTO™  tapes  also  offer  factory  bar  coding  for  easy 
data  management.  Convenient  Library  Packs  eliminate  individual 
shrink-wrapping.  Beyond  all  this,  our  Storage  Rewards  loyalty 
program  puts  you  on  the  Sony  incentives  fast  track.  Sony  LTO  media. 
Safe,  reliable,  and  so  much  more. 

sony.com/storagerewards  and  enter  code  SRL301  for  an 
additional  500  Storage  Rewards  Points.' 


NEWS  ANALYSIS 


Can  outsourcers  survive 
the  economic  storm? 


BY  DENISE  DUBIE 

IT  service  spending  might  not  feel  drastic 
cuts  as  high-tech  leaders  consider  shaving  dol¬ 
lars  off  their  budgets,  because  outsourcers  and 
service  providers  could  help  them  contain 
costs  and  streamline  operations,  industry  ana¬ 
lysts  say 

A  majority  of  IT  executives  report  they  are 
re-assessing  how  to  invest  what’s  left  of  their 
2008  IT  budgets.  Many  have  decided  to  cut 
overall  IT  spending,  but  relatively  fewer  are 
reducing  the  amount  they  put  toward  out¬ 
sourcing  IT  services,  according  to  Forrester 
Research.  A  recent  Forrester  survey  shows  that 
although  46%  of  258  Global  2000  enterprises 
have  cut  back  their  IT  budgets  already  only 
21%  have  cut  back  on  their  IT  services  spend¬ 
ing  (see  graphic). 

“The  primary  value  proposition  of  a  good  IT 
services  deal  for  enterprise  IT  buyers  is  low¬ 
ered  costs,  improved  processes  and  stream¬ 
lined  operations,”  says  Paul  Roehrig,  principal 
analyst  at  Forrester.  That  means  IT  executives 
who  invest  in  outsourcing  now  will  continue 
that  trend  during  cost-cutting  times,  and  com¬ 
panies  that  previously  might  not  have  con¬ 
sidered  sending  IT  services  to  an  external 
provider  might  turn  to  the  delivery  model  to 
avoid  adding  head  count  or  investing  in  new 
technology  “For  the  enterprise,  outsourcing 
could  help  the  total  spending  go  down,  even 
though  outsourcing  revenue  for  the  service 
provider  would  go  up,”  Roehrig  says. 

For  instance,  despite  reported  softness  in  the 
third  quarter,  global  sourcing  advisory  firm  TPI 
North  America  anticipates  2008  to  outperform 
2007  in  the  number  of  outsourcing  contracts 
awarded. That  number  is  up  5%  this  year  com¬ 
pared  to  last  year,  and  the  total  contract  value 
of  the  deals  is  up  19%.  TPI  estimates  that  the 
global  outsourcing  market  will  reach  $88  bil¬ 
lion  in  2008,  up  10%  from  the  previous  year. 
Specifically  business  process  outsourcing  is  ex¬ 
pected  to  increase  14%  to  $22  billion,  and  IT 
outsourcing  is  forecast  to  increase  about  9%, 
bringing  revenue  to  $66  billion. 

“Infrastructure-oriented  management  of 
servers,  desktops  and  other  IT  components  is 
expected  to  go  unchanged,  but  application 
development  work  could  be  impacted.  There 
will  be  a  downturn  in  discretionary  projects  in 
the  short  term,  but  application  maintenance 
won’t  be  affected,”  says  Brian  Smith,  partner 
and  managing  director  of  financial  services 
operations  for  TPI. 

Still,  the  outsourcing  industry  won’t  go  com¬ 
pletely  unscathed,  according  to  TPI,  which  re¬ 
ports  that  the  number  of  outsourcing  deals 
overall  dropped  22%  from  the  second  to  the 
third  quarter  this  year.  The  firm  attributes 


that  drop  to  IT  executive  caution  in  late  2007 
and  a  lessened  demand  in  the  financial  ser¬ 
vices  industry  Still,TPI  says  it  doesn’t  anticipate 
certain  types  of  sourcing  deals  to  be  cut  in 
reaction  to  more  recent  economic  woes. 

“Because  the  value  for  much  of  outsourcing 
is  efficiency  and  process  management,  we 
don’t  see  any  reason  the  economy  would  sig¬ 
nificantly  negatively  affect  those  deals,”  Smith 
says.“Our  view  is  that  the  same  pattern  of  activ¬ 
ity  we’ve  seen  in  2008  will  repeat  in  2009.” 

Outsourcing  deals  may  continue  to  multiply 
but  that  doesn’t  mean  that  the  nature  of  out¬ 
sourcing  deals  won’t  change  —  and  in  some 
cases,  to  the  benefit  of  enterprise  IT  buyers.TPI 
notes  that  the  trend  to  large,  multiyear,  billion- 
dollar  outsourcing  deals  is  on  the  downturn 
and  more  targeted, specialized  contracts  are 
becoming  the  norm.  Industry  watchers 
attribute  this  shift  to  public  failures  of  compre¬ 
hensive  outsourcing  contracts  and  to  enter¬ 
prise  IT  being  more  strategic  in  the  functions  it 
performs  in-house.  “Comprehensive  deals 
aren’t  as  common, and  there  is  a  danger  to  hav¬ 
ing  too  many  vendor  contracts,  but  generally  IT 
is  being  more  selective  on  the  services  it  sends 
out,”  Forrester’s  Roehrig  says.  “Smart  execs  are 
using  IT  services  not  merely  to  manage  tech¬ 
nology  plumbing  but  also  to  profoundly  affect 
business  performance.” 

Activity  in  the  outsourcing  market  is  “higher 
than  ever,  but  the  deal  size  has  changed,”  says 
David  Etzler,  CEO  of  OutsourceWorld  The  sev¬ 
enth  annual  OutsourceWorld  was  held  last 
week  in  New  York  and  drew  about  1,000  atten¬ 
dees  looking  to  learn  more  about  their  sourc¬ 
ing  options.  From  talking  with  CIOs  there,  he 
says  he  discovered  companies  are  learning 
they  don’t  need  to  put  all  their  functions  under 
one  umbrella  with  a  single  provider,  and  many 
are  opting  to  pick  and  choose  outsourcers  that 
best  address  specific  needs. 

“Because  of  the  events  of  Wall  Street,  compa¬ 
nies  are  in  a  complete  state  of  shock  but  real¬ 
izing  they  need  to  be  strategic  and  look  more 
closely  at  what  their  core  components  are,” 
Etzler  says.'The  risks  they  are  taking  with  out¬ 
sourcers  are  smaller  but  more  focused  on  what 
can  really  bring  gains  to  the  business.” 

Another  benefit  of  more  selective  outsourc¬ 
ing  deals  is  that  IT  buyers  can  negotiate  better 
contracts  with  service  providers,  especially  in 
the  down  economy.  “The  smart  service  pro¬ 
viders  understand  that  this  is  the  worst  eco¬ 
nomic  crisis  since  the  Depression,  and  ulti¬ 
mately  they  will  be  hurting  too,”  Forrester’s 
Roehrig  says.  “If  they  can  offer  enterprises  a 
way  to  contain  costs  while  improving  busi¬ 
nesses,  they  will  be  able  to  prove  their  worth  in 
the  long  haul.”B 


Outsourcing  suffers 
lesser  blow  in  budget  cuts 

A  survey  of  258  Global  2000 
enterprises  shows  many  have 
begun  to  cut  IT  spending  but  fewer 
are  pulling  back  on  outsourcing. 

HOW  WILL  THE  GLOBAL  ECONOMY 
AFFECT  YOUR  OVERALL  IT  SPENDING 
FOR  THE  NEXT  12  MONTHS? 

We  have  cut  back  our 
IT  budget  already: 


We  have  cut  back  on 
services  spending: 


HOW  WILL  THE  ECONOMY  AFFECT 
YOUR  IT  SERVICES  SPENDING? 

■  LIKELY  ACTION  ffi UNLIKELY  ACTION 

We  are  negotiating  lower 
rates  with  suppliers. 

We  have  cut  back  our  use 
of  contractors. 


We  are  increasing  our 
use  of  offshoring. 

We  are  increasing  our  use  of 
applications  outsourcing. 

We  are  increasing  our  use  of 
infrastructure  outsourcing. 

We  are  taking  a  wait-and- 
see  attitude. 

We  are  expanding  our  use 
of  contractors. 


SOURCE:  FORRESTER  RESEARCH 

(PERCENTAGES  MAY  NOT  TOTAL  100  DUE  TO  ROUNDING). 
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"Our  innovative  cooling  approach  at 
both  the  rack  and  room  level  enables 
us  to  quickly  and  simply  grow  our 
data  center  spaces  as  needed  using  a 
modular  approach. 

Instead  of  trying  to  reassess  the 
entire  room  and  figure  out  where 
the  best  location  is  for  a  rack, 
the  InfraStruXure  can  actually 
adapt  to  where  the  user  wants  to 
put  the  rack." 


Mike  Ryan, 
Design  Engineer,  (PE) 
and  Data  Center  Design  Services 


Virtualization  is  here  to  stay. 


The  road  to  virtualization 
now  has  a  high  speed  lane. 


Principles  of  InfraStruXure0 
High  Density-Ready  Architecture.. 

1  Rack  enclosures  that  are  HD-Ready 
Metered  PDUs  at  the  rack  level 
Temperature  monitoring  in  the  racks 
Centralized  monitoring  software 

perations  software  with  predictive 
apacity  management 

I  Efficient  InRow  cooling  technology 
7  UPS  power  that  is  flexible  and  scalable 


Sun's  Workplace  Resources 

Global  Lab  &  Data  Center  Design  Services  Team  (GDS) 

(from  right  to  left)  Bret  Rucker,  Ramesh  KV,  Dean  Nelson.  Petr  Vlasaty, 
Serena  Devito,  Mike  Ryan  &  Brian  Day 


And  it's  no  wonder  -  it  saves  space  and  energy  while  letting  you  maximize 
your  IT  resources.  But  smaller  footprints  can  come  at  a  cost.  Virtualized  servers, 
even  at  50%  capacity,  require  special  attention  to  cooling,  no  matter  their  size 
or  their  location. 

1.  Heat  Server  consolidation  creates  higher  densities  -  and  higher  heat  -  per  rack, 
risking  downtime  and  failure. 

2.  Inefficiency  Perimeter  cooling  can't  reach  heat  deep  in  the  racks.  And  over¬ 
cooling  is  expensive  and  ineffective. 

3.  Power  Events  Virtual  loads  move  constantly,  making  it  hard  to  predict  available 
power  and  cooling,  risking  damage  to  your  network. 


\# 

InfraStruv  #  ure( 


DATA  CENTERS  ON  DEMAND 


SCHEMATIC  LEGEND: 

CRAC  UNITS 

STANDARD  DENSITY  RACKS 
■■  CENTRALIZED  UPS 
$ ■  INFRASTRUXURE  HD-READY  ZONES 


Figure  1 


The  right-sized  way  to  virtualize. 

With  the  new  HD-Ready  InfraStruXure®  architecture,  you  can  take  on  high  density 
by  cooling  the  virtualized  high-density  row,  controlling  power  at  the  rack  level,  and 
managing  the  system  with  advanced  software  and  simulation.  Though  virtualizing 
saves  energy,  true  efficiency  also  depends  on  the  relative  efficiencies  of  power, 
cooling,  and  servers.  Right-sizing  one  and  not  the  others  (See  Figure  1)  leaves 
efficiency  savings  on  the  table.  To  right-size,  depend  on  the  efficient,  modular 
HD-Ready  InfraStruXure  and  neutralize  heat  at  the  source.  Equipment  will  be  safer 
and  more  efficient  running  closer  to  100%  capacity. 

Don't  agonize,  virtualize. 

What  are  you  waiting  for?  With  HD-Ready  InfraStruXure  architecture  anyone  can 
virtualize...  anytime,  anywhere.  Just  drop  it  in  and  go. 


Efficiency  and  Virtualization  :  S  mmman 

Your  servers  are  efficient  but  is  your  power  and  cooling?  ■  power  usage/capacity 


Pre-Server  Virtualization 


Big  gains  could  be  made  with  both  server 
and  power  and  cooling. 


□  Correct  Server  Utilization 

□  Correct-sized  Power 

□  Correct-sized  Cooling 


29% 

Efficiency 


Post-Server  Virtualization 


Grossly  oversized  power  and  cooling  cancels 
out  potential  gains  made  by  virtualizing. 


Ef  Correct  Server  Utilization 

□  Correct-sized  Power 

□  Correct-sized  Cooling 

Server  Virtualization  with  Power  and  Cooling 


16% 

Efficiency 


Why  do  leading  companies  prefer  InfraStruXure  6  to  1  over  traditional 
data  center  designs?  Find  out  at  www.xcompatible.com 


Right-sized  power  and  cooling  tip  the  balance  back  in  your  favor. 


Ef  Correct  Server  Utilization 
IZf  Correct-sized  Power 
[Zf  Correct-sized  Cooling 


The  13,000  square  footAPC  InfraStruXure'  hot  aisle  containment 
compute  space  had  a  measured  Data  Center  Efficiency  DCiE  of  78 %  IPUE  1.28) 


The  following  have  been  tested  and  work  best  with  InfraStruXure  Solutions.  Go  to  www.xcompatible.com  to  learn  more. 


SQUARE  D 


ta Cm  MU 


.i|i. Hi. 

CISCO. 


Microsoft  PELCO 


^=S===:  ALLIANCE 
PARTNER 


EMC2 


% 


SELECT 


Download  a  FREE  copy  of  APC  white  paper  #126: 

"An  Improved  Architecture  for  High-Efficiency,  High  Density  Data  Centers" 


Visitwww.apc.com/promo  Key  Code  e151w  •  Call  888-289-APCC  x9678  •  Fax  401-788-2797  by  Schneider  Electric 

©  2008  American  Power  Conversion  Corporation.  All  trademarks  are  owned  by  Schneider  Electric  Industries  S.A.S.,  American  Power  Conversion  Corporation,  or  their  affiliated  companies 

e-mail:  esupport@apc.com  •  132  Fairgrounds  Road.  West  Kingston,  Rl  02892  USA  998-1257 


NEWS  ANALYSIS 


Gartner:  Top  20  ways  to  tighten  IT 

Re-examining  cell  phone  plan  costs,  virtualizing  servers  among  keys 


BY  NEAL  WEINBERG 

ORLANDO  —  In  tough  economic  times,  all 
enterprise  departments  are  required  to  tighten 
their  belts.  To  help  IT  executives  navigate 
through  the  cost-cutting  maze,  Gartner  analysts 
last  week  presented  a  list  of  20  ways  they  can 
slash  expenses. 

1.  The  most  obvious  place  to  start  is  people 
costs.  Gartner  estimates  that  37%  of  the  average 
IT  budget  is  dedicated  to  personnel, so  this  rep¬ 
resents  a  major  opportunity  to  save  money 
Gartner  recommends  a  blend  of  hiring  freezes, 
reducing  or  eliminating  special  bonuses,  and 
cutting  back  on  outside  contractors.  Also, 
global  companies  that  have  opened  offices  in 
remote  areas  should  consider  bringing  those 
workers  home. 

2.  Flatten  the  organization.  Instead  of  having 
one  person  manage  six  or  seven  employees, 
trim  some  of  that  middle  management  and 
have  your  IT  execs  manage  approximately 
20  people.  A  flat  organization  not  only  saves 
money  but  also  can  lead  to  more  efficiency 

3.  Move  to  shared  services.  Consolidate  such 
things  as  help  desk  into  one  group  that  ser¬ 
vices  the  entire  company 

4.  Even  if  you  have  to  borrow  somebody 
from  another  part  of  the  company,  bring  a 


finance  person  into  your  leadership  team  to 
analyze  your  budget  and  help  you  trim  costs. 

5.  Don’t  ignore  “unmanaged”  costs,  such  as 
printers  or  data-center  power. 

6.  Check  your  invoices  to  make  sure  your 
vendors  are  charging  you  what  your  contract 
specifies.  For  example,  your  wireless  vendor 
agreed  to  give  you  free  shipping  when  it  sends 
new  cell  phones  to  remote  workers,  but  a  few 
months  later,  shipping  charges  start  appearing 
on  your  cell  phone  bill.  If  you  don’t  check, 
you’ll  never  know. 

7.  Eliminate  unused  software  and  modules. 

8.  Get  tougher  with  vendors  when  it  comes  to 
negotiating  contracts.  Don’t  be  afraid  to  switch 
vendors,  or  at  least  go  the  first  step  of  deter¬ 
mining  what  it  would  cost  to  switch. 

9.  Buy  a  telecommunications  expense-man¬ 
agement  service.  It  pays  for  itself  and  more. 

10.  Deploy  a  corporatewide  plan  for  buying 
cell  phones,  then  buy  a  cell  phone  plan  that 
optimizes  expenses.fhis  will  be  less  expensive 
than  letting  employees  buy  phones  and  plans, 
then  expense  them. 

11.  If  there  are  places  you  don’t  need  five- 
nines  of  availability  settle  for  three-nines.  It  will 
save  you  money  when  you  negotiate  with  your 
vendor. 


12.  Consider  buying  a  videoconferencing 
unit  rather  than  constantly  renting. 

13.  Where  possible,  replace  expensive  WAN 
transport  services  with  the  Internet. 

14.  Defer  moving  to  Vista.  If  your  PC  hardware 
is  holding  up,  consider  sticking  with  it. 

15.  Use  commodity  products  wherever  possi¬ 
ble,  and  skip  best-of-breed  in  cases  where  “best 
of  need”  will  suffice. 

16.  Consolidate  and  virtualize  servers. 

17.  Reduce  storage  costs  via  data  deduplica¬ 
tion  and  other  methods. 

18.  Use  better  processes  and  policies  to  make 
better  use  of  existing  tools. 

19.  Deploy  IP  telephony  and  VoIP  to  cut  costs 
for  moves,  adds  and  changes. 

20.  Harvest  unused  software  licenses  and  re 
use  them  for  new-employee  requests.  ■ 


ONLINE:  Another  Gartner  list 

Gartner  was  big  on  issuing  lists  last 
week,  also  revealing  its  list  of  the  10 
most  important  strategic  technologies 
for  2009. 

www.nwdocfinder.com/7147 


Cisco  offers  public  Telepresence 


BY  STEPHEN  LAWSON,  IDG  NEWS 
SERVICE 

Cisco  and  Tata  Communications  have  ex¬ 
panded  a  network  of  public  Telepresence 
meeting  centers  to  the  United  States  and 
United  Kingdom,  and  plan  to  set  up  100  of  the 
high-end  videoconferencing  centers  around 
the  world  by  the  end  of  next  year. 

Tata, an  India-based  telecommunications  car¬ 
rier,  opened  five  of  the  centers  in  India  earlier 
this  year.  They  are  available  by  the  hour  for 
meetings  between  individuals  or  companies 
that  can’t  or  don’t  want  to  invest  in  their  own 
Telepresence  systems.  Tata  operates  the  facili¬ 
ties  and  uses  its  international  backbone  net¬ 
work  to  link  them. 

TelePresence  is  a  conference  system  that  in¬ 
cludes  high-quality  video  and  audio,  as  well  as 
presentations.  It  comes  in  configurations  that 
range  from  a  single  screen  for  a  home  or 
branch  office  to  a  three-screen  setup  with  two 
rows  of  seats.  Prices  range  from  $34,900  to 
$349,000.  It  is  a  major  focus  for  Cisco,  which  has 
said  it  uses  about  300  TelePresence  systems 
internally. 

Tata  has  now  set  up  public  TelePresence  sites 
at  Taj-brand  hotels  in  London  and  Boston,  and 


the  companies  held  a  media  briefing  Tuesday 
at  another  public  center  in  the  headquarters  of 
Cisco’s  WebEx  division  in  Santa  Clara,  Calif.The 
facilities  are  available  for  booking,  with  rates 
from  $299  to  $899  per  hour,  depending  on 
room  size.  The  Santa  Clara  facility  has  seven 
conference  rooms  for  meetings  with  up  to  18 
participants.  Before  customers  go  into  the 
meeting  rooms,  they  can  familiarize  them¬ 
selves  with  the  city  from  which  their  counter¬ 
parts  will  be  joining  them,  with  local  weather 
and  news  and  Webcam  images. 

Cisco  says  it  has  sold  about  1,000  Tele¬ 
presence  systems  to  approximately  200  cus¬ 
tomers,  chiefly  large  enterprises.  The  public 
suites  are  ideal  for  small  and  midsize  busi¬ 
nesses  that  can’t  afford  the  capital  investment, 
but  also  for  large  enterprises  that  want  to  meet 
virtually  with  partners,  the  company  says. 
Although  TelePresence  interoperates  with 
other  videoconferencing  systems,  quality  and 
ease  of  use  are  best  in  sessions  between  Cisco 
units,  says  Marthin  De  Beer,  senior  vice  presi¬ 
dent  and  general  manager  of  Cisco’s  Emerging 
Technologies  Group. 

The  100  sites  to  be  open  by  the  end  of  2009 
will  be  distributed  across  six  continents,  but 


not  all  the  locations  have  been  chosen  yet, says 
Peter  Quinlan,  director  of  TelePresence 
Managed  Services  at  Tata.  The  carrier  plans  to 
target  major  business  centers  but  also  loca¬ 
tions  that  are  important  to  business  and  are 
hard  to  reach  because  of  distance,  poor  infra¬ 
structure  or  security  issues,  he  says. 

Cisco  plans  to  tighten  interoperability  with 
meeting  systems  from  such  rivals  as  HRTand- 
berg  and  Polycom,  De  Beer  says.  Tata  has  an 
interest  in  improved  interoperability  because 
that  would  increase  opportunities  for  high- 
quality  conferences  between  the  public  Cisco 
TelePresence  suites  and  existing  corporate  sys¬ 
tems  from  other  vendors,  Quinlan  says. 

High-quality  virtual  meetings  can  take  the 
place  of  many  in-person  meetings,  not  only 
saving  travel  time  and  expense  but  allowing 
companies  to  move  more  quickly  according  to 
Cisco.  For  example,  product  development 
teams  spread  across  the  world  can  collaborate 
more  frequently  and  companies  can  more 
quickly  close  a  deal  with  a  potential  customer 
by  getting  top  executives  in  a  meeting  on  less 
notice.  De  Beer  also  expects  consumers  to  use 
the  suites  on  weekends  to  get  together  with 
family  and  friends  far  away.  ■ 
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»  Problems  piling  up?  The  crush  of  complicated  legacy  data  centers  —  the  multiple 
platforms,  management  tools,  OSs  —  have  enterprises  at  the  breaking  point.  So 
break  free  with  Juniper  Networks.  Meet  all  your  immediate  and  long-term  initiatives 
through  a  simplified,  sustainable,  scalable  architecture  —  so  your  business  grows, 
not  the  costs  or  risk.  Juniper  Data  Center  Infrastructure  Solutions  consolidate 
platforms  and  remove  complex  layers,  meaning  speedier  service  delivery  and  always- 
on  availability  across  your  extended  enterprise. 

No  more  short-term,  quick-fix  patches.  The  switch  is  on  to  Juniper,  and  to  superior 
agility,  efficiency  and  a  commanding  competitive  edge:  www.juniper.net/datacenter 
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GPS  chips  get  sophisticated 


BY  JOHN  COX 

Ever  wonder  how  that  GPS  chip  in  your  cell 
phone  or  personal  navigation  device  or  some 
other  gizmo  used  by  your  field  workers  knows 
how  to  find  the  orbiting  satellites  and  grab 
their  positioning  data?  It  has  to  hunt  for  them, 
and  that’s  where  a  number  of  frustrating  GPS 
problems  lie. To  solve  them,  a  group  of  service 
providers,  including  U.S.  silicon  vendor  Broad¬ 
com,  are  using  different  tech¬ 
niques  to  augment  the  basic  GPS 
satellite  system. 

To  hunt  for  the  several  naviga¬ 
tion  satellites  it  needs,  a  GPS  chip 
first  needs  information  about  the 
satellites,  especially  their  orbits. 

Then  it  uses  that  information  to 
find  their  signal  and  download 
their  ranges  and  positions  at  a 
given  point  in  time.  Only  then  can 
the  chip  crunch  the  data  and  plot 
its  own  longitude  and  latitude. 

This  process, especially  the  first 
step,  takes  time,  which  can  stretch 
to  minutes.  On  top  of  that,  if  the 
satellite  signal  is  weak  or  the  GPS 
chip  is  indoors  or  out  of  range,  the 
device  won’t  be  able  to  collect 
that  initial  data  at  all.  And  if  even 
one  bit  is  dropped  during  trans¬ 
mission  from  space,  the  whole 
process  has  to  start  again  —  unless 
you  can  make  use  of  a  kind  of  GPS 
system  for  the  satellites  them¬ 
selves:  some  data  that  tells  the  GPS 
chip  in  your  handset,  in  effect, 

“look  here  for  this  satellite,  and 
here  for  this  other  one.”  Such  a  sys¬ 
tem  could  slash  the  time  needed 
for  that  first  fix  to  seconds,  and  pro¬ 
vide  the  necessary  starting  data 
where  a  signal  might  be  too  weak 
to  pull  it  down. 

It  turns  out  there  are  systems  that 
in  various  ways  augment  data 
from  navigation  satellites. The  aug¬ 
mentations  are  used  to  slash  the 
time  for  the  initial  location  fix;  to 
correct  for  the  impact  of  such  vari¬ 
ables  as  transmission  delay  created  by  distor¬ 
tions  in  the  ionosphere  and  troposphere, “clock 
drift”  onboard  the  satellites,  even  tidal  fluctua¬ 
tions;  to  increase  precision  to  inches  instead  of 
yards;  or  a  combination  of  these. 

Differential  GPS  systems  focus  on  high  preci¬ 
sion.  One  of  the  best  known  is  NASAs  Global 
Differential  GPS  System,  developed  originally 
by  the  Jet  Propulsion  Laboratory  (JPL),run  by 
the  California  Institute  of  Technology  under  a 
NASA  contract.  NASA  claims  it’s  the  biggest 
such  network,  originally  built  to  support  its 
own  terrestrial, airborne  and  space  operations, 
but  now  available  to  government  and  com¬ 


mercial  customers.  Some  are  mainly  research 
oriented,  like  that  of  NASAs  JPL. 

Another  example, using  a  different  approach, 
is  the  StarFire  Network  from  Navcom  Tech¬ 
nology  (now  a  unit  of  John  Deere  Co.),  which 
specializes  in  very-high-precision  (10  centime¬ 
ters)  GPS  applications,  such  as  for  land  and 
aerial  surveying,  precision  agriculture,  and 
machine  control. 


What’s  called  “assisted  GPS,”  however,  doesn’t 
aspire  to  this  level  of  accuracy  Instead,  these 
services  typically  use  the  standard  satellite  sig¬ 
nal  to  help  client  GPS  chips  get  that  initial 
orbital  data  faster  or  more  reliably  or  both. 
Usually  these  services  are  aimed  at  cellular 
carriers  or  device  makers. 

One  provider  of  assisted  GPS  is  Broadcom, 
the  big  U.S.  silicon  manufacturer  whose  inven¬ 
tory  includes  GPS  chips.  Other  providers  in¬ 
clude  Andrew  Wireless  Solutions,  a  division  of 
CommScope,  with  its  Geometrix  MLC  service, 
and  Telecommunication  Systems  (TCS),  with 
its  Xypoint  service. 


Broadcom’s  Worldwide  Reference  Network 
was  launched  in  2000,  created  by  Global 
Locate,  which  was  itself  an  early  GPS  chip  start¬ 
up.  Global  Locate  realized  it  needed  a  refer¬ 
ence  network  to  create  a  reliable,  consistent 
and  fast  source  of  orbit-tracking  data  if  the 
chips  were  to  deliver  the  goods,  says  David 
Murray  director  of  marketing  with  Broadcom’s 
GPS  products  group. 

Broadcom’s  network  consists  of 
a  global  chain  of  GPS  receivers  at 
ground  stations,  clustered  around 
the  earth’s  equator.  The  vendor 
won’t  say  how  many  receivers  or 
stations  it  has,  only  that  there  are  at 
least  three  receivers  continuously 
tracking  the  28  satellites  now  in 
orbit,  Murray  says. 

The  receivers  monitor  the  GPS 
satellites  and  track  their  orbits, 
feeding  data  in  real  time  to  two  re¬ 
dundant  servers,  one  in  New  Jer¬ 
sey,  one  in  New  York,  run  by  a  third- 
party  data-center  operator.  Today 
about  20  million  devices  access 
this  data  via  an  IP  connection, 
eliminating  the  slow  process  of 
satellite  hunting,  and  creating 
almost  immediate  fixes.  Broad¬ 
com  charges  for  the  service,  which 
usually  is  bought  by  carriers  or 
handset  makers,  and  which  works 
with  other  brands  of  GPS  chips. 

Here’s  how  the  service  works.  A 
fleet  driver  needs  to  find  the  clos¬ 
est  service  station  that  has  a  con¬ 
tract  with  his  company  for  diesel 
fuel.  He  pulls  out  his  company 
smartphone  and  presses  an  icon 
to  load  Google  Maps. The  phone 
has  a  small  application  that  uses 
an  industry  protocol,  Secure  User 
Plane  Location,  to  access  the 
Broadcom  reference  network  via 
an  IP  connection,  and  request  the 
orbital  data.  That  takes  eight  to  10 
seconds,  Murray  says.  Once  it 
knows  where  to  find  the  satellites, 
the  GPS  chip  can  get  the  range  and 
timing  data  it  needs  in  a  couple  of  seconds. 

That  speed  and  reliability  is  critical.  Second- 
generation  cellular  networks  support  e911 
emergency  calls  by  using  a  triangulation  tech¬ 
nique  based  on  cell  phone  tower  signals  to  cal¬ 
culate  a  rough  location,  Murray  says.  But  3G 
networks  use  the  much  more  precise  GPS, 
which  can  narrow  the  position  to  within  a  few 
meters.  Broadcom  supports  both  techniques, 
part  of  a  plan  to  create  a  service  that  eventu¬ 
ally  will  automatically  use  several  techniques 
to  locate  a  mobile  device,  depending  on  the 
precision  needed  and  on  the  availability  of  the 
various  techniques.  ■ 


Eaton  expertise  in  a  UPS. 

Uninterruptibility  from  Eaton®  is  an  iron-clad 
promise,  backed  by  a  $13B  global  organization  and 
a  century-iong  heritage  with  power  protection, 
distribution  and  management  expertise.  That 
expertise  has  grown  to  include  the  Powerware® 
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Data  boom  spells  storage  overhaul 


BY  JON  BRODKIN 

Exploding  amounts  of  digital  information 
and  an  ongoing  transition  to  a  so-called 
“information  economy”  will  require  a  new, 
more  holistic  approach  to  storage,  speakers 
at  last  week’s  Storage  Networking  World  con¬ 
ference  said. 

Just  as  businesses  employ  a  CFO  to  make 
money  save  money  and  stay  out  of  legal  trou¬ 
ble,  enterprises  will  need  an  exec¬ 
utive  focused  on  the  risks  and 
rewards  of  handling  digital  infor¬ 
mation,  said  Chuck  Hollis,  global 
marketing  chief  technology  officer 
at  EMC.  “ 

A  good  CFO  leverages  a  compa¬ 
ny’s  economic  portfolio  as  an 
asset,  and  “I’m  starting  to  see  more 
and  more  CIOs  that  see  their  job 
the  same  way  but  around  informa¬ 
tion,”  Hollis  said. 

Hollis  was  one  of  numerous 
speakers  at  the  conference  in 
Dallas  this  week,  hosted  by  Com- 
putenvorld  and  the  Storage  Net¬ 
working  Industry  Association. 

Information  is  fast  becoming  the 
world’s  “single  most  valuable  as¬ 
set,”  Hollis  said.  As  such,  it’s  impor¬ 
tant  to  oversee  the  entire  informa¬ 
tion  portfolio,  understand  where 
it’s  being  stored,  how  it’s  being 
used,  and  to  stay  out  of  trouble  by 
complying  with  all  security  and 
data  retention  regulations.  Hollis 
also  predicted  that  consumers  are 
going  to  demand  ever  more  detail 
about  their  personal  information 
and  where  it’s  being  stored,  and 
will  want  as  much  control  over 
that  information  as  they  have  over 
their  personal  finances. 

“I  think  the  next  five  years  are 
going  to  be  more  interesting  than 
the  last  20  years  put  together,” 

Hollis  said.  “We’re  becoming  an 
information  economy’ 

More  than  369  exabytes  of  infor¬ 
mation  have  been  created  since 
the  beginning  of  2008,  more  than  double  the 
amount  in  all  of  2006,  according  to  EMC’s 
Digital  Footprint  Calculator. 

Data  creation  is  growing  by  60%  each  year,  in 
good  economic  times  and  bad,  Hollis  noted. 
Another  speaker,  Madge  Meyer,  exective  vice 
president  and  head  of  global  infrastructure  ser¬ 
vices  at  State  Street  Corp.in  Boston, said  her  or¬ 
ganization  acquires  40TB  of  new  information 
each  month. 

The  burden  is  falling  heavily  on  storage 
administrators,  particularly  when  it  comes  to 
securing  all  this  information,  said  IT  industry 
consultant  Richard  Austin. 


“The  information  that  has  become  the  crown 
jewels  of  the  modern  enterprise  is  completely 
coming  under  the  control  and  responsibility 
[of  storage  professionals]  ”  he  said. 

Even  as  storage  costs  go  down  on  a  per-byte 
basis,  businesses  are  spending  more  on  storage 
each  year  because  of  data  growth  and  power 
consumption.  Diane  Bryant,  vice  president  and 
CIO  of  Intel,  said  her  company  predicts  it  will 


double  its  storage  spending  by  2012.“It’s  daunt¬ 
ing,”  she  said.  That  type  of  growth  is  “not  some¬ 
thing  we  have  the  ability  to  maintain  or  sup- 
port.This  is  unsustainable.” 

Increasing  complexity  of  devices,  electronic 
forms  of  collaboration,  the  proliferation  of  the 
Web  as  a  business  tool,  and  all  types  of  regula¬ 
tions  are  contributing  to  the  amount  of  infor¬ 
mation  that  enterprises  must  store,  Bryant  said. 

Intel  is  creating  information  life-cycle  man¬ 
agement  policies  for  all  of  its  data,  describing 
how  quickly  it  must  be  accessed,  how  long  it 
must  be  retained  and  when  it  should  be  de¬ 
leted.  Virtualization  and  thin  provisioning,  the 


latter  of  which  prevents  over-allocation  of  stor¬ 
age,  also  is  in  the  works,  Bryant  said. 

Intel  is  further  trying  to  cut  costs  by  using 
tiers  of  storage,  because  not  all  applications 
need  ultra-fast  access  to  information.  Solid- 
state  disk,  for  example,  is  devoted  to  the  appli¬ 
cations  requiring  the  highest  performance  and 
reliability  while  optical  tape  is  set  aside  for  bulk 
storage,  Bryant  said. 

There  are  numerous  roadblocks 
preventing  optimal  handling  of 
data,  from  aging  equipment  to 
lack  of  mobility  and  low  storage 
utilization  rates,  noted  speaker 
Jack  Domme,  COO  of  Hitachi 
Data  Systems.  Complicating  mat¬ 
ters  is  the  poor  economy,  which 
has  business  executives  demand¬ 
ing  spending  reductions. 

Costs  can  be  reduced  signifi¬ 
cantly  by  improving  data  mobility 
with  storage  virtualization,  use  of 
thin  provisioning  and  lower-cost 
storage  tiers,  as  well  as  de-duplica- 
tion  and  archival  of  “stale”  data 
that’s  rarely  accessed,  Domme 
said.  “We  all  know  our  utilization 
rates  of  our  assets,  our  data  and 
our  storage  are  fairly  low;”  he  said. 
“Everywhere  I  go  [people  say]  the 
key  is  utilization  increase.” 

It’s  also  crucial  not  to  store 
redundant  copies  of  data,  Wayne 
Adams,  an  EMC  official  and  chair¬ 
man  of  the  Storage  Networking 
Industry  Association,  said  in  an 
interview.  This  requires  a  close 
accounting  of  data  and  metadata 
with  tagging  and  search  capabili¬ 
ties,  allowing  all  copies  of  a  given 
piece  of  data  to  be  deleted  at  the 
end  of  its  life  cycle,  he  said. 

While  many  of  these  measures 
can  be  deployed  immediately, 
Xiotech  CEO  and  President 
Casey  Powell  predicted  a  com¬ 
plete  revamping  of  how  storage 
is  organized  and  allocated  in  the 
coming  years.  The  storage-area 
network  won’t  provide  the  flexibility  needed 
in  the  future,  he  said.  Applications  themselves 
must  be  able  to  control  their  own  storage 
resources,  automatically  provisioning  and  de¬ 
provisioning  storage  as  needed,  he  added. 
“We  need  a  system  that  is  integrated  to  the 
point  that  the  application,  in  conjunction 
with  the  operating  system,  controls  its  own 
destinyf  he  said. This  will  reduce  the  potential 
of  human  error  and  let  storage  pros  focus  on 
higher-level  tasks.” 

Pbwell  acknowledged  this  will  be  difficult, 
particularly  when  it  comes  to  creating  applica¬ 
tions  that  can  control  unstructured  data.H 


and  MGE  Office  Protection  Systems™  product 
families.  Today  the  Eaton  label  is  found  on  UPSs 
with  the  highest  efficiency,  smallest  footprint, 
lightest  weight,  and  easiest  installation  available 
to  help  you  meet  your  power  challenges — 
and  power  through. 
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Symantec 
details  grand 
plan  for  product 
integration 

BY  ELLEN  MESSMER 

Symantec  last  week  detailed  a  plan  to  fur¬ 
ther  integrate  its  diverse  products  under  a 
common  management  platform,  as  well  as 
support  third-party  products  by  means  of  its 
published  interfaces. 

The  Open  Collaborative  Architecture  is  a 
“work  in  progress”  that  includes  bringing 
together  Symantec’s  endpoint  security  suite 
and  backup  and  recovery  products  with  asset- 
management  offerings  obtained  via  the  Altiris 
acquisition  late  last  year,  says  Kevin  Murray, 
senior  director  of  product  marketing. 

The  first  phase  of  the  plan  has  already  been 
put  in  motion,  with  the  Symantec  Client 
Management  Suite,  the  Server  Management 
Suite,  and  the  IT  Service  and  Asset  Manage¬ 
ment  Suite  supported  under  the  Altiris  frame¬ 
work,  Murray  says.  The  next  version  of  the 
Symantec  data-leak  prevention  client  is  ex¬ 
pected  to  have  the  Altiris  management  client 
embedded  by  early  next  year. 

Future  efforts  include  bringing  Symantec 
Endpoint  Protection,  BackUp  Exec  System  and 
Veritas  Configuration  Manager  under  the 
Open  Collaborative  Architecture  framework. 
The  “center  of  gravity”  in  this  technical  effort 
lies  in  a  server-based  integration  technology 
called  Notification  Server  that  will  be  built  into 
future  product  offerings,  Murray  says. 

The  initiative’s  other  purpose  is  to  provide  an 
open  set  of  APIs  and  a  software  development 
kit  that  companies  can  use  to  provide  func¬ 
tional  support  for  their  own  products  under 
the  Symantec  management  umbrella. 

Bit9  and  Savant  Protection,  which  offer 
approaches  to  application  “whitelisting,”  as 
well  as  Dorado  Software,  a  network  and  ser¬ 
vices  management  firm,  on  Tuesday  an¬ 
nounced  support  for  the  Symantec  architec- 
ture.The  software-developer  program  grew  out 
of  an  earlier  Altiris  partner  program. 

In  addition,  Dell  is  standardizing  system  man¬ 
agement  offerings  for  all  of  its  enterprise-class 
machines  on  the  Symantec  Management 
Platform.  The  Dell  Management  Console  will 
act  as  a“modular  plug-in”to  the  Symantec  plat¬ 
form,  according  to  Dell.  HP’s  client  manager 
also  is  based  on  the  Symantec  architecture, 
Symantec’s  Murray  says. 

Murray  acknowledges  that  Symantec  has  no 
announced  time  frame  for  reaching  its  desired 
goal  of  this  integration  effort,  which  is  to  be 
able  to  provide  customers  with  the  option  for 

a  single  common  console”  to  manage  all 
Symantec  products.* 


McAfee  bolsters  network 
access  security 


BY  TIM  GREENE 

McAfee  is  making  it  possible  for  customers 
to  enforce  network  access  policies  on  unman¬ 
aged  devices,  such  as  laptops  owned  by  visi¬ 
tors  or  consultants. 

The  company  is  announcing  that  customers 
now  have  the  option  to  enforce  NAC  policies 
via  McAfee’s  intrusion-prevention  system 
(IPS)  appliance  known  as  Network  Security 
Platform  (formerly  called  IntruShield). 

So,  if  an  unmanaged  device  is  discovered  on 
the  network,  the  IPS  can  restrict  its  network 
access  in  accordance  with  preset  policies,  for 
example,  allowing  the  device  to  gain  Internet 
access  but  nothing  else.  Until  now,  McAfee 
NAC  policies  could  be  enforced  only  via  soft¬ 
ware  on  each  endpoint,  which  meant  that 
devices  not  managed  by  businesses  could  not 
be  held  to  NAC  rules. 

In  the  first  quarter  of  2009,  McAfee  is  ex¬ 
pected  to  introduce  a  separate  appliance 
dedicated  to  NAC,  so  if  customers  don’t  want 
an  IPS,  they  can  still  enforce  NAC  policies  on 
unmanaged  devices. 

That  is  the  biggest  benefit  of  device-based 
NAC  enforcement,  says  Vinit  Duggal,  CISO  of 
Intelsat,  the  $2.5  billion  satellite  communica¬ 
tions  company  that  already  was  a  customer  of 
McAfee  security  software.  He  says  that  soft¬ 
ware  gives  him  good  visibility  into  endpoint 
compliance  with  NAC  rules  and  finds  rogue 
devices  —  unmanaged  endpoints  —  that 
need  to  be  contained. 

These  devices  could  include  laptops 
brought  onto  the  network  by  consultants  and 
vendors  or  devices  owned  and  installed  by 
employees,  Duggal  says.  Once  discovered  by 
the  software,  an  IPS  can  enforce  NAC  policies 
on  them. 

Duggal  likes  NAC  enforcement  on  the 
Network  Security  Appliance  because  it  can 
take  action  directly  without  requiring  inter¬ 
vention  from  staff.  At  the  same  time, 
McAfee’s  endpoint  NAC  agent  is  useful  for 
managed  devices  because  it  can  make  sure 
they  pass  corporate  policy  health  checks, 
he  says. 

Enforcing  NAC  via  software  and  hardware 
will  become  a  common  requirement  of 
businesses  buying  NAC  equipment, says  Rob 
Whiteleyan  analyst  with  Forrester  Research. 
“Unless  you  have  a  very  narrow  need  for 
NAC,  then  ultimately  you’re  going  to  need  a 
solution  from  one  vendor  or  multiple  ven¬ 
dors  that  gives  you  the  flexibility  to  do 
either,”  he  says. 

A  business  that  just  wants  to  keep  guests 
and  visitors  off  the  corporate  network  but 
grant  them  Internet  access  can  get  by  with  a 
NAC  appliance,  but  appliances  don’t  scale 


well  for  deployment  in  large  organizations, 
Whiteley  says. 

Before  this  hardware  announcement, 
McAfee’s  NAC  options  were  limited  to  its 
Policy  Enforcer  Agent  running  on  endpoints 
managed  by  McAfee’s  overriding  ePolicy  Or- 
chestrator  (ePO), which  also  manages  McAfee 
antivirus,  antispam  and  host  IPS.  If  the  agent 
finds  a  problem,  it  restricts  network  connectiv¬ 
ity  without  relying  on  network  infrastructure 
for  enforcement. 

McAfee’s  NAC  software  also  can  work  with 
other  vendors’  NAC  gear,  including  gear  from 
Juniper  Networks  and  Check  Point  Software, 
using  their  products  as  enforcement  points. 
This  gives  McAfee  parity  with  other  vendors 
that  come  at  NAC  from  the  hardware  side, 
Whiteley  says.  McAfee  NAC  also  is  compati¬ 
ble  with  Microsoft’s  version  of  the  technol¬ 
ogy  called  network  access  protection,  so 
NAP’s  policy-decision  and  enforcement 
mechanisms  could  be  used  with  McAfee’s 
agent,  for  example. 

The  addition  of  network-based  enforcement 
gives  McAfee  more  options  but  not  necessarily 
more  options  than  its  competitors,  Whiteley 
says.  He  notes  that  Juniper  can  enforce  NAC 
policies  at  its  IPS  or  firewalls  or  other  switches. 
Juniper’s  endpoint  NAC  client  software  doesn’t 
do  as  much  as  McAfee’s,  however.“It’s  not  a  full 
protection  agent  like  McAfee’s,  where  you’re 
going  to  get  more  comprehensive  risk  cover¬ 
age  at  the  endpoint,”  he  says. 

Because  McAfee’s  NAC  is  blended  with  its 
ePO,  managing  NAC  falls  under  an  existing 
management  platform,  reducing  the  training 
needed  to  keep  track  of  it,  and  that  is  impor¬ 
tant,  Intelsat’s  Duggal  says.  If  he  judges  that 
security  products  by  different  vendors  afford 
the  same  degree  of  protection,  he  next  checks 
which  is  simpler  to  manage  in  order  to  decide 
between  them. 

Support  for  NAC  on  McAfee’s  IPS  is  available 
now.* 


ONLINE:  Q&A 

Read  our  Q&A  with 
McAfee  CEO  Dave 
DeWalt  about  McAfee's 
plans  to  integrate  management  of  vir¬ 
tual  desktop  security  into  its  ePolicy 
Orchestrator  overall  security  manage¬ 
ment  platform. 

www.nwdocfinder.com/7168 
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For  less  than  $1,500,  a 
high  performance1  multi¬ 
terabyte2  storage  server 
with  software3  can  be 
built  to  serve  256  con¬ 
current  users4 5  for  ADS 
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Domain  Networks. 

Besides  high  performance,  Synology 
servers  are  quiet6,  green6  and  rich  in 
functions.  Backups  cannot  be  easier 
with  the  ability  of  backing  up  Win¬ 
dows®  computers  using  Synology’s 
Data  Replicator  3,  and  supporting 
the  ability  of  backing  up  one  Synol¬ 
ogy  server  to  another,  or  to  another 
computer  using  rsync.  Remote  file 
administration  is  easy  using  the  web- 
based  Synology  File  Station.  With 
support  for  Windows,  Mac®,  and  Linux 
computers,  the  possibilities  are  end¬ 
less.  Please  see 
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1  Synology  DS508:  writes  at  30+MByte/Sec,  reads  at 
50+MByte/Sec,  RAID  5 

2  Synology  DS508  with  5x500GB  HDD 

3  Synology  OS  (DSM  2.0),  PC  Backup  Application 
C;  ta  Replicator  3),  Unlimited  Client  Access  Licenses 

Max:  256  Concurrent  Users,  2048  Local  User  Ac¬ 
counts,  tested  on  domain  with  20,000  User  Accounts 

5  Synology  DS508  Noise  Output:  26dbA  without  HDDs 
6.  Synoiogy  DS508  Power  Consumption:  82  Watts 

Seeking  /  27  Watts  Hibernating 


How  to  get  special 
security  needs  satisfied 


Two  IT  security  pros 
share  advice  on  getting 
vendors  to  work  together 

BY  ELLEN  MESSMER 

When  there’s  not  quite  the  right  fit  in  network 
security  gear  to  meet  your  needs  and  goals, 
you  might  wind  up  settling  for  some  distant 
second  choice,  if  one  exists.  But  enterprise 
technology  managers  are  proving  you  can  get 
what  you  want  by  pushing  vendors  to  innovate 
—  a  trend  that  may  be  growing  because  of  the 
economic  downturn. 

Tony  Lucich,  CISO  and  enterprise  architect  for 
Orange  County  Calif.;  and  Mark  Starry  manager 
of  enterprise  architecture  and  security  for 
Concord  Hospital  in  New  Hampshire  both  hit  a 
few  roadblocks  during  recent  security  projects. 
There  were  incompatibilities  between  switching 
and  security  gear,  or  security  products  fell  short 
of  accomplishing  exactly  what  was  desired.  But 
Lucich  and  Starry  who  don’t  know  each  other, 
share  a  spirit  for  overcoming  obstacles  by  getting 
vendors  to  innovate  to  help  their  organizations. 

Some  analysts  say  this  willingness  to  accom¬ 
modate  customers’  special  needs  happens  less 
often  in  good  times, when  fat-and-happy  vendors 
are  complacent. When  bad  times  arrive, however, 
customizing  is  a  way  to  grow  market  share.“This 
‘responsiveness’  to  customers  is  most  important 
in  downturns  like  we  are  in  nowj’  says  Gartner 
analyst  John  Pescatore,  noting  that  smaller  ven¬ 
dors  often  take  the  lead  in  this  regard. 

For  Starry  the  basic  challenge  was  finding  a 
way  to  comprehensively  monitor  the  complex, 
high-speed  network  put  in  place  based  on  Nortel 
core  routing  switches  and  trunking  to  link  health¬ 
care  facilities  in  its  New  Hampshire  locations  to 
share  high-speed  IP  traffic,  including  VoIP 

Although  Concord  Hospital  already  had  IBM 
Internet  Security  Systems  intrusion-detection 
and  -protection  systems  at  the  perimeter,  this 
gear  wasn’t  the  right  choice  for  monitoring  the 
entire  internal  network.  Starry  says  that  was 
mainly  because  the  Nortel  network,  with  its 
Routed  Split  Multi-Link  Trunking,  is  so  good  at 
eliminating  bottlenecks,  it  made  collecting  secu¬ 
rity-related  information  related  to  packet  flows 
harder  to  collect,  too. 

Starry  began  hunting  for  security-monitoring 
equipment  that  could  work  inside  the  new  net¬ 
work,  narrowing  down  a  short  list  that  included 
Mazu  Networks,  Q1  Labs  and  Lancope.  No  ven¬ 
dor,  however,  supported  Nortel’s  proprietary  pro¬ 
tocol.  Cisco’s  version  of  NetFlow  was  the  norm. 

Starry  didn’t  give  up.  He  discovered  that 
Lancope  was  willing  to  update  its  StealthWatch 
network  behavior-analysis  monitoring  gear  to 
support  Nortel,  and  he  brought  Lancope  engi¬ 
neers  together  with  Nortel  ones  to  make  it  hap¬ 
pen. This  didn’t  come  cheap:  Starry  says  there’s 


so  much  additional  stress  put  on  switches 
made  to  export  every  session  out  to  a  security 
collector  that  the  switches  had  to  be  boosted 
with  special  hardware  cards  that  cost  upwards 
of  $100,000. 

The  month-long  development  work  —  which 
helped  Nortel  correct  a  bug  in  its  code  —  was 
successful,  however,  and  the  security  monitoring 
is  working  as  envisioned,  identifying  unwanted 
applications  and  network  usage,  Starry  says. 
“With  Lancope,  we  can  tell  if  someone  is  trying 
to  access  that  fund-raising  server,  for  instance,” 
Starry  says,  noting  that  the  comprehensive  inter¬ 
nal  monitoring  is  a  requirement  to  meet  the 
demands  of  audit  committees. 

Orange  County’s  e-mail  encryption  plan 

For  Lucich,  the  issue  was  finding  encryption 
and  e-mail  security  vendors  to  help  meet  the 
requirement  that  the  county’s  23  agencies,  with 
their  24,000  or  so  employees,  encrypt  e-mail  con¬ 
taining  sensitive  data,  such  as  Social  Security 
numbers  or  financial  information. 

After  a  review  of  encryption  possibilities,  the 
county  favored  the  public-key  certificate  system 
in  Voltage  Security’s  SecureMail,  which  doesn’t 
require  digital  certificate  distribution.  But  the 
county  needed  to  find  a  way  to  send  all  the 
county  e-mail  through  a  common  point  to  be 
subject  to  content  inspection, as  well  as  blocking  . 
inbound  spam,  Lucich  says. 

For  that,  Lucich  favored  Secure  Computing’s 
IronMail  appliance  (Secure  Computing  is  being 
acquired  by  McAfee).  Ideally  the  county  wanted 
the  Voltage  SecureMail  server  and  the  IronMail 
gateway  appliance  to  work  in  harmony  so  that 
IronMail  could  make  the  decision  to  encrypt  at 
certain  times,  even  if  the  county  employee  had 
failed  to  do  that  manually. 

Lucich  says  he  encouraged  Secure  Computing 
to  figure  out  how  to  integrate  IronMail  with 
Voltage’s  SecureMail  digital-certificate  server 
and  required  them  to  show  that  was  possible 
before  finalizing  a  contract. 

The  result  was  what  he  wanted,  Lucich  says: 
“The  true  policy  engine  is  in  IronMail,  which 
has  to  scan  to  decide  whether  to  encrypt. The 
encryption  is  with  SecureMail  because  we 
wanted  key  management  the  way  Voltage  did 
it.”  Since  the  e-mail  encryption  process  went 
live  in  June,  about  25%  of  Orange  County 
employees  have  been  trained  in  how  the 
security  method  works.  ■ 


ONLINE:  Security  trends 

Read  through  Network  World’s  online 
PDF  of  trends  in  network  security. 
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How  bad  is  U.S.  broadband  deployment? 
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kongress  has  passed  —  and  the  president 
.has  signed  —  the  Broadband  Data 
'improvement  Act.  It  may  now  be  possible 
to  get  some  useful  information  about  where 
the  United  States  sits  in  the  world  when  it 
comes  to  the  deployment  and  adoption  of 
broadband  Internet  services.  If  this  turns  out  to 
be  the  case,  it  will  be  the  first  time  we  would 
have  any  real  idea. 

For  reasons  best  known  to  itself,  the  FCC  has 
for  years  adamantly  refused  to  collect  the  data 
necessary  to  understand  the  true  state  of  the 
deployment  of  broadband  Internet  service  in  the  United  States.  Earlier 
this  year  the  FCC,  under  the  threat  that  Congress  would  order  it  to 
change  its  ways,  did  say  it  would  collect  better  data  in  the  future. 

Even  with  the  somewhat  better  data  there  was  no  good  reason  to 
think  that  the  FCC  would  produce  more  useful  statistics,  considering  its 
track  record.  Now  Congress  has  acted  and  there  is  some  additional 
reason  to  hope. 

The  recently  adopted  law  is  aimed  at  improving  “the  quality  of  feder¬ 
al  and  state  data  regarding  the  availability  and  quality  of  broadband 
services  and  to  promote  the  deployment  of 
affordable  broadband  services  to  all  parts  of 
the  nation.” 

The  law  mandates  some  useful  ways  to 
attain  the  first  goal  but  does  not  do  anything 
useful  towards  the  second  other  than  enable 
regulators  to  shame  broadband  service 
providers  that  are  not  doing  a  good  job. 

The  law  requires  the  FCC  to  compile  a  list  of 
poorly  served  parts  of  the  country  I  guess  this 
is  so  carriers  in  those  areas  can  be  publicly 
chastised  for  their  poor  behavior. 
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The  law  also  requires  that  the  FCC  figure  out  how  U.S.  broadband 
deployment  compares  with  that  in  other  countries  in  a  systematic, 
apples-to-apples  way  The  results  of  this  study  will  be  useful  at  least  to 
the  degree  that  they  may  devolve  a  consistent  agreement  as  to  where 
this  country  sits.  I’ve  seen  rankings  that  vary  between  No.  8  and  20  in 
the  world  —  the  number  seems  to  heavily  depend  on  the  goals  of  the 
person  quoting  it. 

The  law  also  requires  the  FCC  to  figure  out  if  it  would  be  useful  to 
collect  data  on  the  actual  speed  that  customers  are  getting  rather  than 
the  fantasy  numbers  provided  by  carriers.  If  feasible  to  obtain,  this 
value  could  force  truth  in  advertising  —  such  a  concept! 

The  law  also  sets  up  a  somewhat  fuzzy  grant  program  that  would  pro¬ 
vide  funds  for  broadband  development.  And  the  law  tries  to  promote 
a  “safe  Internet  for  children.”  But,  unlike  past  efforts  that  mandate  the 
technically  impossible  (such  as  requiring  senders  to  ensure  that 
naughty  words  never  reach  the  eyes  of  children  as  the 
Communications  Decency  Act  tried  to  do),  this  bill  mostly  relies  on 
education  and  development  of  better  filtering  technology  for  parents 
to  use.  The  law  does  suggest  that  having  ISPs  spy  on  their  customers 
and  record  their  activities  would  protect  kids. 

As  with  most  congressional  work  these  days,  this  bill  is  a  mixed  bag, 
but  at  least  it’s  only  10  pages  long  and  does 
not  seem  to  contain  any  earmarks. 

Disclaimer:  Not  everyone  at  Harvard  is  terse, 
nor  does  everyone  at  Harvard  get  things  exact¬ 
ly  right  but,  when  something  is  wrong  it’s  not 
because  someone  is  running  for  reelection.  In 
any  case,  I  know  of  no  university  opinion  on 
this  law,  so  it  must  be  my  own. 


Bradner  is  Harvard  University’s  technology 
security  officer.  He  can  be  reached  at 
sob@sobco.com. 
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A  glimpse  of  the  (networked)  future 


One  of  the  signs  of  getting  older  is  the  feel¬ 
ing  that  things  were  better  “back  in  the 
day”  I’ve  been  lucky  enough  to  avoid  it, 
most  of  the  time.  OK,  I’d  like  to  have  tasted 
Coca-Cola  back  when  it  had  the  original  ingre¬ 
dients.  And  I’ll  admit  to  being  a  bit  nostalgic  for 
the  days  when  you  didn’t  have  to  take  your 
shoes  off  to  get  on  a  plane.  But  overall,  it  strikes 
me  things  are  generally  better  today  from  med¬ 
ical  advances  that  didn’t  exist  three  years  ago 
to  being  able  to  Google  on  your  cell  phone. 

Except  in  one  area:  I’ve  occasionally  won¬ 
dered  why  there  aren’t  any  great  new  science 
fiction  writers  anymore.  I’m  talking  about  folks 
who  can  paint  thought-provoking  visions  of  how  technology  and  soci¬ 
ety  evolve  —  and  still  tell  a  darn  good  story.  My  personal  pantheon 
includes  writers  like  Robert  Heinlein,  Ursula  LeGuin  and  Philip  Dick. 

More  recently  there  are  guys  like  Neal  Stephenson,  who  popularized 
the  notion  of  online  avatars  and  advanced  our  understanding  of  net¬ 
work-connected  life.  (Side  note:  I  still  think  his  1988  novel  “Zodiac”  is 
highly  underrated,  and  once  convinced  his  publisher  to  re-issue  it  in 
paperback.  Seems  the  rest  of  the  world  didn’t  agree  with  me.) 

Still,  the  apparent  scarcity  of  writers  who  could  tell  meaningful  sto¬ 
ries,  particularly  about  how  networks  will  evolve,  had  been  bugging 
me.  I  finally  came  close  to  admitting  that  maybe  when  it  comes  to  sci¬ 
ence  fiction  writers,  they  don’t  make  ‘em  like  they  used  to. 

Boy,  was  I  wrong.Turns  out  I  just  hadn’t  been  paying  attention  to  one 
of  the  new,  brightest  luminaries  in  the  field:  Charles  Stross.You  have  to 
love  a  guy  who  envisions  IT  as  “applied  demonology”  (one  of  the  bene¬ 
fits  of  IPv6  is  apparently  its  superior  ability  to  contain  the  risk  of 
demonic  possession  —  who  knew?)  And  you  really  don’t  want  to 
know  what  happens  to  Fred  in  accounting,  who  keeps  calling  the  help 
desk  with  annoying  requests  for  spreadsheet  fixes. 


But  it’s  Stross’  vision  of  how  networking  —  the  human  kind  and 
machine  kind  —  evolve  that’s  really  thought-provoking.  If  you’ve  read 
his  work,  you  know  what  I  mean  —  and  if  you  haven’t,  you  really 
should  check  it  out.  His  ideas  on  privacy  and  identity  authentication 
alone  are  worth  the  price  of  admission.  He  illustrates  his  ideas  with 
real  humans  that  you  truly  care  about  —  even  as  he’s  pushing  the 
outer  boundaries  of  what  it  means  to  be  “human.” 

If  I  still  haven’t  convinced  you,  have  a  look  here.  It’s  a  recent  essay  by 
Stross  about  some  future  trends,  and  I  won’t  spoil  it  by  describing  it, 
though  I  have  to  brag  that  one  of  the  trends  he  mentions  —  lifelogging 
—  was  something  my  colleague  and  fellow  Network  World  columnist 
Andreas  Antonopoulos  first  proposed  to  me  about  six  years  back.  (It 
almost  made  my  head  explode). 

Anyway  I’m  happy  to  report  that  it’s  true  that  they  don’t  make  science 
fiction  writers  like  they  used  to  —  they’re  even  better  these  days. 

Johnson  is  president  and  senior  founding  partner  at  Nemertes 
Research,  an  independent  technology  research  firm.  She  can  be  reached 
at  johna@nemertes.com. 
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How  DNS  cache  poisoning  works 


BY  BOB  HALLEY 

There  is  a  long  history  of  attacks  on  the  Domain  Name  System  rang¬ 
ing  from  brute-force  denial-of-service  attacks  to  targeted  attacks 
requiring  specialized  software.  In  July  2008  a  new  DNS  cache¬ 
poisoning  attack  was  unveiled  that  is  considered  especially  dangerous 
because  it  does  not  require  substantial  bandwidth  or  processor 
resources  nor  does  it  require  sophisticated  techniques. 


With  cache  poisoning,  an  attacker  attempts 
to  insert  a  fake  address  record  for  an  Internet 
domain  into  the  DNS.  If  the  server  accepts  the 
fake  record,  the  cache  is  poisoned  and  subse¬ 
quent  requests  for  the  address  of  the  domain 
are  answered  with  the  address  of  a  server  con¬ 
trolled  by  the  attacker.  For  as  long  as  the  fake 
entry  is  cached  by  the  server  (entries  usually 
have  a  time  to  live  —  or  TTL  —  of  a  couple  of 
hours)  subscribers’  browsers  or  e-mail  servers 
will  go  automatically  to  the  address  provided 
by  the  compromised  DNS  server. 

(See  a  slideshow  of  how  DNS  cache  poison¬ 
ing  works  at  www.nwdocfinder.com/7151.) 

This  kind  of  attack  often  is  categorized  as  a 
“pharming”  attack,  and  it  creates  several 
problems.  First,  users  think  they  are  at  a 
familiar  site  —  but  they  aren’t.  Unlike  in  a 
“phishing”  attack  where  an  alert  user  can 
spot  a  suspicious  URL,  the  URL  in  this  case  is 
legitimate.  Remember,  the  browser  resolves 
the  address  of  the  domain  automatically  so 
there  is  no  intervention  of  any  kind  on  the 
part  of  the  users;  and  because  nothing 
unusual  has  happened,  they  have  no  reason 
to  be  suspicious. 

Another  problem  is  that  hundreds  or  even 
thousands  of  users  can  be  redirected  if  an 
attacker  successfully  inserts  a  single  fake 
entry  into  a  caching  server.  The  scale  of  the 
problem  is  amplified  by  the  popularity  of  the 
domain  being  requested.  Under  these  cir¬ 
cumstances,  even  a  moderately  experienced 
hacker  can  cause  a  lot  of  trouble,  obtaining 
passwords  and  other  valuable  or  sensitive 
information. 

The  way  to  attack  e-mail  systems  is  similar. 
Rather  than  inserting  a  fake  Web-  server 
record  into  a  DNS  caching  server,  attackers 


Got  great  ideas? 

■  Network  World  is  looking  for  great 
ideas  for  future  Tech  Updates.  If 
you've  got  one,  and  want  to  contribute 
it  to  a  future  issue,  contact  Editor  in 
Chief  John  Dix  Gdix@nww.com) 


insert  a  fake  mail-server  record,  thereby  redi¬ 
recting  corporate  e-mail  to  a  server  they 
control. 

So,  what  does  an  attacker  need  to  do  to  per¬ 
suade  a  caching  server  to  accept  a  fake  entry? 
When  a  DNS  caching  server  gets  a  query  from 
a  subscriber  for  a  domain,  it  looks  to  see  if  it 
has  an  entry  cached.  If  it  does  not,  it  asks 
authoritative  DNS  servers  (run  by  domain  reg¬ 
istries  or  domain  owners  themselves)  and 
waits  for  their  responses. 

Before  this  latest  vulnerability,  attackers 
could  only  exploit  this  narrow  opening: 
Their  fake  query  response  had  to  beat  a 
legitimate  authoritative  DNS  server  and  the 
response  had  to  arrive  at  the  caching  server 
with  the  correct  query-parameter  values. 
These  races  typically  only  lasted  a  fraction 
of  a  second,  making  it  difficult  for  an  attack¬ 
er  to  succeed. 

With  this  new  vulnerability,  however,  the 
dynamics  of  the  race  have  been  altered  dra¬ 
matically  in  favor  of  the  attacker,  because  a 
security  researcher  figured  out  a  way  to  elim¬ 
inate  the  narrow  time  window:  by  rapidly  fir¬ 
ing  questions  at  the  caching  server  that  the  at¬ 
tacker  knows  the  server  will  not  be  able  to 
answer.  For  instance,  an  attacker  can  ask 
where  lq2w3e.google.com  is,  knowing  a 
caching  server  is  unlikely  to  have  such  an 
entry  That  provokes  subsequent  questions 
from  the  caching  server  and  creates  millions 
of  opportunities  to  send  fake  answers. 

Instead  of  only  one  race,  the  attacker  can 
have  millions,  creating  more  chances  to  guess 
the  right  values  for  query  parameters  and 
making  the  attack  dangerous.  In  fact,  it  was 
demonstrated  that  open  source  DNS  servers 
could  be  compromised  in  10  seconds. 

Poisoning  an  entry  for  lq2w3e.google.com 
is  not  useful  because  no  one  will  ever  request 
that  domain,  but  this  is  where  the  last  part  of 
the  attack  comes  into  play:  In  the  fake 
answers,  the  attacker  also  points  the  caching 
server  to  a  fake  name-server  for  the  domain 
the  attacker  wants  to  compromise.  The  cach¬ 
ing  server  stores  both  of  these  pieces  of  infor¬ 
mation. 

Because  the  attacker  now  controls  the 


name  server  for  the  domain,  every  subse¬ 
quent  query  for  the  domain  will  be  directed 
to  the  attacker’s  server. This  means  the  attack¬ 
er  now  controls  addressing  for  all  the  subdo¬ 
mains  for  the  domain:  www.bigbank.com, 
mail.bigbankcom  and  so  forth. This  is  extraor¬ 
dinarily  powerful;  any  request  for  any  subdo¬ 
main  can  be  directed  to  a  server  of  the  attack¬ 
er’s  choosing. 

To  address  these  problems  it  was  decided 
that  the  User  Datagram  Protocol  port  used  for 
a  query  should  no  longer  be  the  default  Port 
53  but  a  port  randomly  chosen  from  the  entire 
range  of  UDP  ports  (minus  the  reserved 
ones).UDP  source-port  randomization  (SPR) 
makes  it  harder  for  an  attacker  to  guess  query 
parameters  because  now  both  the  16-bit 
query  ID  and  as  many  as  16  additional  bits  for 
the  UDP  port  must  be  correct,  for  a  total  of  as 
many  as  4  billion  combinations. 

Enterprises,  however,  discovered  their  DNS 
servers  were  situated  behind  various  devices 
that  provide  network  address  translation.  Most 
NATs  de-randomized  the  UDP  ports  used  by 
the  DNS  server,  rendering  the  new  fix  less 
effective.  In  addition,  IT  managers  were  not 
enthusiastic  about  opening  up  the  full  range 
of  UDP  ports  in  their  firewalls.To  make  matters 
worse,  another  security  researcher  demon¬ 
strated  that  it  was  still  possible  to  poison  a  DNS 
server  even  with  the  protection  afforded  by 
randomization  across  64,000  UDP  ports. 

Now  what? 

It’s  time  to  consider  alternative  means  of 
securing  the  DNS.  UDP  SPR  is  a  useful  defense, 
but  a  balance  needs  to  be  struck  between  the 
protection  it  affords  the  DNS  and  the  exposure 
created  by  opening  a  range  of  ports  or  degrad¬ 
ing  firewall  performance.  Secure  modes  of 
operation  for  DNS  servers,  such  as  switching  to 
a  TCP  connection  when  potential  attacks  are 
detected,  are  another  useful  defense. 

Additional  defenses  are  needed  when  an 
attacker  gets  lucky  and  guesses  the  necessary 
parameters  to  spoof  a  query  response.  This 
means  DNS  servers  need  to  get  smarter  and 
analyze  query  responses  so  potentially  harm¬ 
ful  information  can  be  discarded  from  fake 
answers  sent  by  an  attacker. 

Halley  is  a  principal  architect  at  Nominum 
(www.  nominum.  com). 
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Improving  cell  phone  reception 


It  was  with  some  amusement  I  recently  stum¬ 
bled  across  T-Mobile’s  Personal  Coverage 
Check,  a  service  that  claims  you  can  “Check 
if  T-Mobile  coverage  is  right  for  you.” 

A  quick  digression:  Ever  wonder  what  the  Tin 
T-Mobile  stands  for?  The  answer  is  “Telekom”  be¬ 
cause  the  company  is  a  subsidiary  of  Deutsche 
Telekom.  I  have  always  found  German  products 
to  be  of  high  quality  with  good  customer  ser¬ 
vice,  but  for  some  reason  T-Mobile  is  different. 

According  to  T-Mobile’s  mapping  service  1  should  have  a  signal  strength 
of  three  to  four  bars.  Judging  from  my  very  precise  measurements  (that 
is,  looking  at  my  phone),  reality  is  a  little  different,  with  my  signal  usually 
between  zero  and  four  bars  and  alternating  between  those  states  on  a 
roughly  5-minute  cycle. So  far  1  have  not  been  able  to  find  an  explanation 
as  to  why  the  signal  strength  should  wobble  around  so  much. 

Actually  when  I  write“between  zero  and  four  bars”I  should  qualify  that 
with  the  phrase“until  two  weeks  ago.”  These  days  the  cycle  has  shifted  so 
now  about  every  5  minutes  I  get  four  bars  for  about  30  seconds  and 
then  nothing,  nyet,  nada,  for  the  rest  of  the  time.  Can  customer  service 
tell  me  why?  No.  Can  they  do  anything  about  it?  Hah! 

With  my  signal  strength  wavering  there  was  an  opportunity  to  see  if  a 
product  1  had  just  received  could  improve  my  service.The  product  is  the 
Arc  Wireless  Freedom  Blade,  an  external  antenna  for  cell  phones,  PDAs 
or  any  other  wireless  devices  that  operate  in  the  cell  phone  bands. 

If  you  want  to  find  out  what  bands  the  cell  phone  carriers  use  in  your 
neck  of  the  woods  check  out  Wireless  Advisor  (www.wirelessadvi 
sor.com). 

Here’s  the  problem  with  signal-boosting  antennas:To  work  their  magic 
and  really  boost  signal  strength  they  need  to  be  tuned  for  a  particular 


frequency  Either  side  of  that  frequency  the  gain  (that  is  amplification) 
decreases  significantly  As  cell  phones  operate  in  channels  within  fairly 
wide  frequency  bands  it  would  seem  an  antenna  would  only  make  an 
improvement  for  a  particular  channel. 

Thus  it  was  without  much  hope  of  improving  my  cell  phone  reception 
that  I  unpacked  the  Blade  to  discover  a  5-inch-by-1.5-inch-by-0.25-inch 
piece  of  black  plastic  weighing  a  few  ounces  with  a  yard-long  thin  coax 
tail. The  Blade  also  comes  with  an  adapter  cable  that  connects  the  mini- 
BNC  coax  to  a  connector  compatible  with  your  phone’s  antenna  adapter. 

1  plugged  in  the  Blade  and  my  phone,  which  showed  no  signal,  re¬ 
ported  four  bars!  Whether  the  results  include,  as  the  company  claims, “en¬ 
hanced  voice  clarity”  is  hard  to  determine,  as  is  quantifying  the  improve¬ 
ment  in  the  signal  reception,  but  the  Blade  appears  to  work. 

You  may  be  wondering  why  this  gadget  seems  to  work  so  well  when 
it  theoretically  shouldn’t?  A  company  representative  says  the  antenna 
contains  circuitry  that  uses  “flared  slots  and  broadband  matching”  to 
selectively  amplify  the  cellular  signals.  1  have  a  rough  idea  what  this 
means  but  perhaps  one  of  you  could  enlighten  me? 

What  I  don’t  like  about  the  Freedom  Blade  is  that  its  cable  with  the 
adapter  connector  is  large  and  comparatively  heavy  considering  how 
little  the  antenna  weighs,  and  the  included  stand  is  kind  of  pathetic. Arc 
should  also  include  the  optional  laptop  and  vent  clips  rather  than  mak¬ 
ing  them  a  separate  purchase. 

So,  until  T-Mobile  fixes  my  local  cell  tower  or  whatever  the  problem  is, 
the  Freedom  Blade  appears  to  be  keeping  me  connected. Unfortunately 
the  screen  on  my  cell  phone  just  died  and  so  I  have  no  idea  who  is  call¬ 
ing,  but  at  least  they  can. The  Freedom  Blade  gets  a  score  of  3  out  of  5. 

Gibbs  awaits  your  communications  in  Ventura,  Calif.  Signal  him  at  gear 
head@gibbs.com. 


Mark  Gibbs 


Two  ways  to  track  via  GPS 


GOOLTOOLS 


The  scoop:  Spot  Satellite  Messenger,  by 
Globalstar,  about  $170  (plus  $100  per  year  basic 
service,  with  optional  $50  per  year  service  for 
unlimited  tracking). 

What  it  is:  The  handheld  Spot 
device  is  a  personal  GPS  tracker 
that  can  provide  friends  and 
family  members  with  alerts  and 
updates  on  the  owner’s  loca- 
tion.The  Spot  sends  messages  (via  e-mail  or  text  mes¬ 
sage  to  mobile  phones)  providing  the  GPS  coordinates 
for  the  device.  Because  it  uses  the  satellite  network,  this 
can  provide  location  details  where  cell  phone  cover¬ 
age  is  nonexistent, or  in  cases  where  a  user’s  cell  phone 
doesn’t  work.  The  Spot  has  three  modes  of  communi¬ 
cation  —  an  “OK”  button  sends  a  message  to  contacts 
that  the  person  is  OK,  along  with  a  GPS  location.  A 
“Help”  button  is  a  nonemergency  request  for  help  — 
useful  for  situations  like  when  your  car  breaks  down  or 
you’ve  locked  your  keys  in  the  car.  The  “911”  button  is 
used  to  contact  emergency  response  officials  (like  if 
you  are  lost  hiking).The  OK  button  can  also  be  used  to 
help  track  the  journey  of  the  user  —  when  in  Tracking 
mode,  the  device  updates  the  GPS  location  every  10 
minutes  for  24  hours,  with  the  locations  displayed  on  a 
personal  Web  site  via  a  Google  Maps  interface. 

Why  it’s  cool:  The  91 1  button  is  like  having  auto  in¬ 
surance  or  life  insurance  —  you  don’t  want  to  have  to 
use  it,  but  it’s  good  to  know  that  you  have  it  if  you  need  it.  The  added 
value  comes  from  the  additional  buttons  and  modes  —  using  the  OK 

button  is  great  for  letting  contacts  know  that  you  have  reached  a  desti-  Shaw  can  be  reached  at  kshaw@nww.com. 


The  Spot  Satellite 
Messenger  allows  family 
and  friends  to  track  you. 


Grade: 


nation  safely  (great  for  traveling  parents  or  kids), and  the  Help  button  is 
good  for  those  times  where  you  might  need  some  help  but  you  don’t 
want  to  call  out  the  cavalry. 

Some  caveats:  Users  need  to  keep  fresh  batteries  in  the  device  (fortu¬ 
nately,  the  device  will  provide  a  low-battery  warning), 
and  they  should  know  how  to  properly  activate  the  91 1 
button. 

Grade:  ★★★★★  (out  of  five). 


The  scoop:  Zoombak  Universal  A-GPS  Locator,  by 
Zoombak,  about  $200  (plus  service,  about  $15  per 
month  or  $145  per  year,  if  prepaid). 

What  it  is:  This  personal  GPS  locator  can  help  users 
keep  track  of  a  vehicle,  pets  or  even  a  person.The  small 
device  (about  the  size  of  a  digital  camera  battery  pack) 
is  powered  by  a  rechargeable  battery  (up  to  five  days  of 
life  when  powered).  Locations  can  be  tracked  on- 
demand  via  a  personal  Web  site  portal,  or  continuously 
tracked  (up  to  60  minutes)  on  a  map. 

Why  it’s  cool:  In  addition  to  the  tracking  features,  you 
can  set  up  “Safety  Zones”  that  alert  you  when  the  device 
enters/leaves  an  area  (great  for  keeping  track  of  kids  to 
make  sure  they  made  it  to  school).  Alerts  can  also  be 
sent  if  the  battery  is  low  or  the  device  is  powered  off. 

Some  caveats:  Setup  was  a  little  tricky,  and  setting  up 
alerts  via  the  portal  takes  some  time.  Other  than  the 
safety  zone  features,  there’s  no  way  to  alert  authorities 
like  the  Spot  device. 
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THE  POWER  of  DNSreport 


JUST  ONE  CLICK. 


That’s  all  it  takes.  Just  one  click  and  DNSreport  gives  you  the  power  to  see 
problems  and  vulnerabilities  with  your  domain  and  mail  server.  Just  type  in  your 
domain  and  within  seconds,  DNSreport  runs  a  full  investigation  that  includes 
over  50  systematic  tests  and  thousands  of  analyses.  Just  one  click. 

And  your  job  just  got  a  whole  lot  easier. 
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WHEN  GOOD  ISN’T  GOOD  ENOUGH. 


Run  your  FREE  domain  &  email  health  check  now.  Just  go  to  www.DNSstuff.com 


TOP  5  REASONS 
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1 )  solve  email  issues 

2)  debug  DNS  issues 
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5)  troubleshoot  connectivity 
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-  PHIL  NAIL,  CTO,  AISO.Net,  pictured  with  the  solar 
janels  the  company  uses  for  electricity,  speaking  of 


lis  decision  to  sell  servers  left  over  from  a  virtual 
zation-related  consolidation  on  eBay 


HUNDREDS  OF  GALLONS  OF  USED  VEGETABLE  OIL  BELONG  ANYWHERE 
NEAR  A  DATA  CENTER,  LET  ALONE  INSIDE?  PHIL  NAIL  THINKS  SO. 

Nail  is  CTO  of  AISO.Net,  whose  on  to  learn  how  Nail  and  three  other  IT  professionals  made 
Romoland,  Calif.,  data  center  gets  100%  big  changes  in  their  data  centers,  and  what  they  like  best 
of  its  electricity  from  solar  energy.  Now  about  their  new  deployments, 
he’s  considering  waste  vegetable  oil  as 
an  alternative  to  using  diesel  fuel  in  No  more  vendor  lock-in 

the  Web  hosting  company’s  setup  for  Vendor  lock-in  is  a  common  plight  for  IT  storage  buyers, 
storing  solar-generated  power.  Lifestyle  Family  Fitness,  however,  found  a  way  out  of  the 

“We’re  never  opposed  to  trying  something  new,”  says  Nail,  shackles.  The  56-club  fitness  chain  in  St.  Petersburg,  Fla.,  set 
who  last  year  eliminated  nearly  100  underutilized  stand-alone  out  to  resolve  a  performance  bottleneck  it  traced  back  to  its 
servers  in  favor  of  four  IBM  System  x3650  servers,  partitioned  storage  network,  and  wound  up  upgrading  its  data  center 
into  dozens  of  virtual  machines  using  VMware  software.  infrastructure  in  a  way  that  not  only  took  care  of  the  problem 

Server  virtualization  fits  right  into  AISO.Net’s  environ-  but  also  extended  the  life  of  its  older  storage  arrays, 
mentally  friendly  credo.  The  company  increased  its  aver-  Lifestyle’s  users  were  starting  to  notice  that  certain  core 
age  server-utilization  level  by  50%  while  achieving  a  60%  applications,  such  as  membership  and  employee 

reduction  in  power  and  cooling  costs  through  its  con-  records,  were  sluggish.  IT  staff  confirmed  the  prob- 

solidation  project.  lem  by  looking  at  such  metrics  as  the  average 

For  Nail,  virtualization  technology  lives  up  to  the  disk-queue  length  (which  counts  how  many  I/O 

hype.  Nevertheless,  it  isn’t  always  easy  for  IT  exec-  operations  are  waiting  for  the  hard  disk  to 

utives  to  find  the  right  technology  to  help  a  business  P  become  available),  recalls  Michael  Geis,  director 

stay  nimble,  cut  costs  or  streamline  operations.  Read  of  IS  operations  for  the  chain.  “Anything  over 


2  is  considered  a  bottleneck,  meaning  your 
disks  are  too  slow. We  were  seeing  them  into  the 
60,80  and  100  range  during  peak  times,’ ’he  says. 

After  IBM’s  SAN  Volume  Controller  (SVC) 
was  rolled  out  last  November,  queue  lengths 
settled  back  below  two,  Geis  says.  The  two- 
node  clustered  SVC  software  fronts  EMC  Clari- 
ion  CX300  and  IBM  System  Storage  DS4700 
disk  arrays,  along  with  two  IBM  Brocade  SAN 
switches.  SVC  lets  Lifestyle  combine  storage 
capacity  from  both  vendors’  disk  systems  into 
a  single  pool  that  is  manageable  as  a  whole 
for  greater  utilization.  An  onboard  cache 
helps  speed  I/O  performance;  SVC  acknowl¬ 
edges  transactions  once  they’ve  been  com¬ 
mitted  to  its  cache  but  before  they’re  sent  to 
the  underlying  storage  controllers. 

A  key  benefit  of  virtualizing  storage  is  the 
ability  to  retain  older  gear,  rather  than  doing 
the  forklift  replacements  typically  required  of 
storage  upgrades,  Geis  says.“We  didn’t  have  to 
throw  away  our  old  legacy  equipment.  Even 
though  we’d  had  it  for  a  few  years,  it  still  had  a 
lot  of  performance  value  to  us,”  he  says. 
Lifestyle  uses  the  new  IBM  storage  for  its  most 
performance-sensitive  applications, such  as  its 
core  databases  and  mail  server,  and  uses  the 
EMC  gear  for  second-  and  third-tier  storage. 

Using  storage  gear  from  more  than  one  ven¬ 
dor  adds  management  overhead,  however. 
“You  have  to  have  a  relationship  with  two  man¬ 
ufacturers  and  have  two  maintenance  con- 
tracts.There’s  also  expertise  to  think  about.  Our 
storage  team  internally  has  to  become  masters 
of  multiple  platforms,”  Geis  says. 

The  payoff  is  worth  it,however:“Now  that  I’ve 
got  storage  virtualization  in  place  with  the 
SVC,  my  next  storage  purchase  doesn’t  have  to 
be  IBM.  I  could  go  back  and  buy  EMC  again,  if 
1  wanted  to,  because  I  have  this  device  in- 
between,”  Geis  says. 

Heterogeneous  storage  virtualization  gives 
buyers  a  lot  more  purchasing  flexibility  — 
and  negotiating  power.  “Every  time  we  add 
new  storage,  IBM  has  to  work  in  a  competitive 
situation,”  Geis  says.“Five  years  ago, the  day  you 
made  the  decision  to  go  with  EMC  or  IBM  or 
HP  or  anyone,  you  might  get  a  great  discount 
on  the  first  purchase,  but  you  were  locked  into 
that  platform  for  three  to  five  years,”  he  says. 

What  Geis  likes  best  is  the  flexibility  the  sys¬ 
tem  affords  and  “knowing  that  I  don’t  have  to 
follow  in  the  footsteps  of  everybody  else’s  stor¬ 
age  practices,  that  I  can  pick  and  choose  the 
path  that  we  feel  is  best  for  our  organization.” 

Getting  more  out  of  existing  resources 

A  key  addition  to  Pronto.com’s  Web  infra¬ 
structure  made  all  the  difference  in  its  e- 
commerce  operations.  Fifteen  million  people 
tap  the  Pronto.com  comparison-shopping  site 
each  month  to  find  the  best  deals  on  70  mil¬ 
lion  products  for  sale  on  the  Web.  If  the  site 
isn’t  performing,  revenue  suffers. 

Pronto.com  wanted  to  upgrade  its  load  bal¬ 
ancers  in  conjunction  with  a  move  from  a  host¬ 
ing  provider’s  facility  in  Colorado  to  a  Virginia 
data  center  operated  by  parent  company  LAC 
(which  also  owns  Ask.com,  Match.com  and 
Evite,  among  other  Internet  businesses).  The 


New  York-based  start-up  invested  in  more  than 
load  balancing,  however,  when  a  cold  call  from 
Crescendo  Networks  led  to  a  trial  of  the  ven¬ 
dor’s  application-delivery  controllers. 

Load  balancing  is  just  one  aspect  of  today’s 
application-delivery  controllers,  which  com¬ 
bine  such  capabilities  as  TCP  connection 
management,  SSL  termination,  data  compres¬ 
sion,  caching  and  network  address  translation. 
The  devices  manage  server  requests  and 
offload  process-intensive  tasks  from  content 
servers  to  optimize  Web  application  perform¬ 
ance.  “Our  team  knew  load  balancing  really 
well,  but  we  didn’t  know  optimization.  And  we 
didn’t  know  that  optimization  would  be  some¬ 
thing  that  we’d  really  want,”  recalls  Tony 
Casson,  director  of  operations  at  Pronto.com. 

When  Casson  and  his  team  tried  out 
Crescendo’s  AppBeat  DC  appliances,  however, 
they  were  convinced.  In  particular,  the 
devices’  ability  to  offload  TCP/IP  and  SSL 
transactions  from  Web  servers  won  them  over. 

A  major  benefit  is  that  Pronto.com  can 
delay  new  Web-server  purchases  even  as  its 
business  grows.“It  really  has  extended  the  life 
of  our  server  platform,”  Casson  says.The  need 
for  us  to  purchase  new  front-line  equipment 
has  been  cut  in  half.  Each  individual  Web 
server  can  handle  approximately  1.5  times 
the  volume  it  could  before.” 

Small  investment,  big  payoff 

IT  projects  don’t  have  to  be  grand  to  be 
game-changing.  A  low-priced  desktop  add-on 
is  yielding  huge  dividends  for  the  Miami-Dade 
County  Public  Schools. 

The  school  district  installed  power-manage¬ 
ment  software  on  104,000  PCs  at  370  loca¬ 
tions.  By  automatically  shutting  down  desk¬ 
tops  that  aren’t  in  use,  the  software  has 
reduced  the  district’s  average  PC-on  time  from 
20.75  hours  per  day  to  10.3  hours.  In  turn,  it’s 
shaved  more  than  $2  million  from  the  district’s 
$80  million  annual  power  bill. 

Best  of  all,  because  Miami-Dade  already  was 
using  software  from  IT  management  vendor 
BigFix  for  asset  and  patch  management, 
adding  the  vendor’s  power-management  com¬ 
ponent  cost  the  district  just  $2  more  per  desk¬ 
top.  “There  was  very  little  effort  to  implement 
the  program  once  we  defined  the  operating 
parameters,”  says  Tom  Sims,  Miami-Dade’s 
director  of  network  services. 

Besides  saving  money  the  power-manage¬ 
ment  project  has  kick-started  a  new  wave  of 
green  IT  efforts  —  something  that’s  as  impor¬ 
tant  to  the  school  district’s  managers  as  it  is  to 
users.  “We  all  want  to  save  energy  and  keep 
the  environment  clean  and  functional  for  our 
kids,  more  so  because  we  are  a  public  school 
system,”  Sims  says. 

Today  Miami-Dade  is  working  on  the  pro¬ 
gram’s  second  phase,  the  goal  of  which  is  to 
let  IT  administrators  customize  shut-down 
times  on  a  school-by-school  basis.  That  will 
result  in  more  power  saved  and  more  reduc¬ 
tions  in  carbon  emissions. 

Looking  ahead,  the  district  is  eyeing  the 
chance  for  even  bigger  savings  by  turning  off 
air  conditioning  units  in  areas  where  desktop 


computers  are  powered 
off.  IP-controlled  thermo¬ 
stats  will  enable  Miami- 
Dade  to  coordinate  PC 
and  air  conditioning  downtime.The  potential 
cost  savings  is  even  bigger  than  the  desktop- 
power  cost  savings,”  Sims  says. 

For  that  to  happen,  the  IT  group  has  been 
working  more  closely  with  facilities  manage¬ 
ment  teams  —  a  collaboration  Sims  expects 
to  grow.  “There  are  IP-driven  devices  that  will 
interface  with  all  kinds  of  facilities  equip¬ 
ment.  These  devices  allow  remote  manage¬ 
ment  and  control  by  a  central  office  via  the 
organization’s  data  network.  So,  the  possibili¬ 
ties  seem  limitless.” 

Staying  green 

Going  green  is  more  than  a  buzzword  for 
AISO.Net,  which  from  its  inception  in  1997  has 
espoused  eco-friendly  operations. 

Other  companies  are  buying  carbon  offsets 
to  ease  their  environmental  conscience,  but 
energy  credits  aren’t  part  of  the  equation  for 
AISO.Net.  The  company  gets  its  data  center 
electricity  from  120  roof-mounted  solar  pan¬ 
els.  Solar  tubes  bring  in  natural  sunlight,  elimi¬ 
nating  the  need  for  conventional  lighting  dur¬ 
ing  the  day;  and  air  conditioning  systems  are 
water-cooled  to  conserve  energy 

As  it  did  with  its  building  infrastructure, 
AISO.Net  overhauled  its  IT  infrastructure  with 
green  savings  in  mind.  By  consolidating 
dozens  of  commodity  servers  to  four  IBM 
servers  running  VMware’s  Infrastructure  3  soft¬ 
ware,  it  upped  utilization  while  lowering  elec¬ 
tricity  and  cooling  loads.  CTO  Nail  sold  the 
leftover  servers  on  eBay  “Let  somebody  else 
have  the  power/  he  says. 

For  Nail,  green  business  is  good  business, 
and  that’s  what  he  likes  best  about  it.“Maybe  it 
costs  a  little  bit  more,  but  it  definitely  pays  for 
itself,  and  it’s  doing  the  right  thing  for  the  envi¬ 
ronment,”  he  says.  Customers  like  environ¬ 
mentally  friendly  technology  too:  “More  and 
more  companies  are  looking  at  their  vendors 
to  see  what  kind  of  environmental  policies 
they  have,”  he  says. 

Today  AISO.Net  is  designing  a  rooftop  gar¬ 
den  for  its  data  center;  it  estimates  the  green 
roof  could  reduce  cooling  and  heating 
requirements  by  more  than  50%.  It’s  also  look¬ 
ing  for  an  alternative  way  to  store  solar-gener¬ 
ated  power.  That’s  where  the  waste  vegetable 
oil  comes  in.  Nail  wants  to  replace  the  com¬ 
pany’s  battery  bank,  which  stores  power  from 
the  solar  panels,  with  a  more  environmentally 
friendly  alternative.  The  idea  is  to  retrofit  a 
small  generator  to  run  not  on  diesel  fuel  but 
on  recycled  vegetable  oil  acquired  from  local 
restaurants  and  heated  in  55-gallon  drums. 
The  generator  in  turn  would  feed  power  to  air 
conditioning  units,  Nail  says. 

The  idea  came  from  seeing  others  use  waste 
vegetable  oil  to  run  cars,  Nail  says.“We  figured, 
why  can’t  we  take  that  technology  and  put  it 
into  something  that  would  run  our  air  condi¬ 
tioning?”  he  notes.“We’re  kicking  that  around, 
trying  to  design  it  and  figure  out  how  we’re 
going  to  implement  it.”  ■ 
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BLACK  IS  THE 
NEWGREEN. 


Running  business  apps  on  servers  that  aren’t  scalable,  along  with  demanding 
service  levels,  is  consuming  energy  at  an  exponential  rate.  Break  the  cycle 
with  highly  scalable  IBM  servers.  IBM  PowerVM™  virtualization  technology 
can  help  you  consolidate  workloads  from  twelve  single-application  16-core 
HP  Integrity  rx7640  systems  onto  two  16-core  Power™  570  systems  for  up  to 
18%  higher  performance  and  reduced  energy  requirements  of  up  to  44%:  A 
greener  world  starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Learn  howto  improve  app  performance  at  ibm.com/green/performance 


’For  complete  details,  go  to  ibm.com/green/claim.  IBM,  the  IBM  logo,  ibm.com,  PowerVM  and  IBM  Power  570  are  trademarks  of  International  Business  Machines  Corporation,  registered  in  many  jurisdictions 
worldwide.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  “Copyright  and  trademark  information"  at  www.ibm.com/legal/copytrade.shtml.  ©  2008  IBM  Corporation.  All  rights  reserved. 


PRODUCTS 


your  network  to  the  next  level 


BY  SANDRA  GITTLEN 


eed  a  deeper  look  into  your  virtual  environment  so  you  can  charge  departments  for 
resource  use?  Want  to  keep  closer  track  of  communications  among  virtual  machines? 
Ready  for  a  product  that  extends  the  life  of  the  batteries  operating  your  critical 
wireless  networks?  Here  are  10  best-of-their-kind  products  for  increasingly  sophis¬ 
ticated  IT  environments. 
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Altor’s  view  of  virtual  switch  traffic 


1.  ALTOR  NETWORKS’  VIRTUAL  NETWORK 
SECURITY  ANALYZER 

AVAILABILITY:  Now 

PRICING:  Starts  at  $500  per  physical  server;  supports  an  unlimited 
number  of  virtual  machines.  A  required  Altor  Center  management 
system  supporting  unlimited  VNSA  agents  costs  $1,500. 

WHAT  IT  DOES:  The  VNSA  appliance  lets  IT  departments  oversee 
virtual  switches  to  make  sure  that  communications  among  virtual 
machines  are  compliant  and  secure.  It  relies  on  agents  for  monitoring 
traffic  and  a  centralized  management  tool  for  detecting,  analyzing  and 
alleviating  problems  across  the  virtual  enterprise.  For  instance,  VNSA 
can  alert  IT  groups  to  top  talkers,  configuration  errors,  inappropriate 
protocols,  network  anomalies  and  compliance  issues. 

WHY  IT’S  IMPORTANT:  “Not  only  can  the  technology  look  at  [vir¬ 
tual]  traffic,  it  can  act  on  it.  It  can  drop  packets,  manipulate  traffic  and 
quarantine  machines,”  says  Phil  Hochmuth,  senior  analyst  at  Yankee 
Group.  (See  “Four  virtualization  security  companies  to  watch,”  www.nw 
docfinder.com/7 121.) 

IN  THE  FIELD:  Nielsen  Mobile,  a  division  of  The  Nielsen 
Company,  uses  VNSA  for  real-time  and  historical  monitoring  and 
analysis  of  its  virtual  switch  traffic. 

Media  giant  Hearst  uses  the  VNSA  appliance  to  look  at  virtual 
machines  at  rest  and  in  motion  among  physical  machines.  The 
company’s  production  environment  is  made  up  of  hundreds  of  vir¬ 
tual  machines. 

Alloy  products  supplier  Winsert  uses  VNSA  to  carry  out  network 
management  and  security  best  practices  in  its  virtual  environment. 
The  company  also  relies  on  VNSA  to  monitor  and  troubleshoot  per¬ 
formance  problems  among  virtualized  applications  and  servers. 
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2.  CIRBA’S  CIRBA  5.0 

DATA-INTELLIGENCE  SOFTWARE 

AVAILABILITY:  Now 

PRICING:  Cirba’s  subscription  pricing  is  based  on  both  the  num¬ 
ber  of  targets  —  physical  or  virtual  operating-system  instances  — 
under  analysis  and  the  length  of  its  contract  with  a  customer  in 
years.  For  example,  under  a  500-server,  three-year  commitment,  the 
cost  per  year  is  approximately  $150  per  server. 

WHAT  IT  DOES:  Cirba  5.0  analysis  dashboards  help  companies 
predict,  plan,  deploy  and  operate  efficient  virtual  data  centers.  For 
instance,  an  IT  group  can  assess  options  for  server  consolidation, 
optimize  the  placement  of  physical  and  virtual  resources,  and 
manage  capacity  changes  in  real  time.  Cirba  5.0  helps  track  and 
reduce  power  consumption  and  other  costs  associated  with  virtual 
server  environments. 

WHY  IT’S  IMPORTANT: “This  tool  addresses  a  critical  area  of  the 
virtual  environment.Too  many  organizations  jump  into  virtualization 
deployments  without  really  investigating  resource  capacity  or  com¬ 
patibility  They  end  up  overusing  servers  and  degrading  perfor¬ 
mance;  underusing  servers  and  failing  to  realize  true  cost  savings;  or 
co-locating  incompatible  workloads  on  a  single  virtual  server,  caus¬ 
ing  compliance,  risk,  exposure,  performance  and  other  critical  prob¬ 
lems,”  says  Andi  Mann,  research  director,  Enterprise  Management 
Associates  (EMA). 

IN  THE  FIELD:  Reliance  Limited  Partnership, an  energy  and  security 
company  uses  the  capacity-planning  tool  to  determine  the  virtual- 
machine  resources  that  new  applications  will  require  and  to  create  an 
audit  trail  for  change  management.  (See  “10  must-have  virtualization 
tools,”  www.nwdocfinder.com/7122.)  See  Products,  page  34 
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COUNTERS. 


IBM  collaboration  software  and  services  connect  people  faster  wherever 
they  are,  which  means  less  jet  fuel,  energy  and  money.  And  IBM  software’s 
advanced  deduplication  and  data  compression  can  lower  the  energy  and 
space  costs  of  your  collaboration  infrastructure  by  up  to  half.  A  greener  world 
starts  with  greener  business.  Greener  business  starts  with  IBM. 


SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

See  tRe green  demo  at  ibm.com/green/collaboration 
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j  VFrame  allows  policy-based 
provisioning  of  physical  and 
virtual  IT  resources. 


3.  CISCO’S  VFRAME  DATA  CENTER 

AVAILABILITY:  Now 

PRICING:  Starts  at  $59,000  for  a  fully  functional  starter  kit  that  can 
scale  to  support  several  hundred  data-center  devices. 

WHAT  IT  DOES:  With  the  VFrame  appliance,  companies  can 
carry  out  policy-based  provisioning  of  shared  physical  and  virtual 
computing,  storage  and  network  resources.  These  policies  can  be 
based  on  a  wide  range  of  instances,  such  as  server  failures  or  the 
need  for  load-balancing  x86  servers  across  multiple  VMware  ESX 
server  clusters.  With  VFrame,  application  deployments  are  faster 
and  more  efficient  because  configurations  are  automated  and 
standardized. 

WHY  IT’S  IMPORTANT: “Process  automation  and  orchestration, 
which  is  what  VFrame  does,  embeds  standards  and  skills  into  soft¬ 
ware  and  allows  virtualization  deployments  to  execute  unattended 
at  computer  speeds. This  technology  drives  high  availability,  dynamic 
flexibility,  agile  response  to  business  needs,  strong  cost  reductions 
and  more,”  EMAs  Mann  says. 

IN  THE  FIELD:  Cisco  would  not  release  specific  customer  names. 
However,  it  says  that  a  Southern  California  high-tech  company  uses 
VFrame  to  build  its  application  grid  environment,  which  has  stan¬ 
dardized  hardware  that  has  to  adapt  to  various  workloads;  and  that 
a  city  government  deployed  VFrame  to  automate  the  addition  of 
networking  and  storage  provisioning  to  its  physical  infrastructure. 


4.  EMBOTICS’  V-COMMANDER  2.0 

AVAILABILITY:  Now 
PRICING:  $10,000 

WHAT  IT  DOES:V-Commander  manages  servers’ life  cycles  to  help 
IT  organizations  tamp  down  on  dangerous  virtual-server  sprawl.  Users 
can  track  their  machines  in  real  time,  keeping  tabs  on  patches,  con¬ 
figurations,  access  and  retired 
servers.  They  also  can  create 
and  enforce  policies  to  con¬ 
trol  and  automate  virtual- 
machine  deployments.  V- 
Commander  includes  de¬ 
tailed  reporting  to  support 
regulatory  and  organizational 
compliance. 

WHY  IT’S  IMPORTANT: 

“Embotics  is  coming  at  the 
problem  of  managing  virtual 
machines  from  a  broad,  long- 
range  view,  incorporating 
inventory,  usage,  managing 


Clicking  through  any  element  in  this 
Web-based  dashboard  will  provide  full 
details  and  link  to  V-Commander's  rel¬ 
evant  section. 
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resources,  applications  and  the  policies  that 
apply  along  the  duration  of  the  virtual  machine’s 
life  cycle,”  says  Rich  Ptak,  principal  analyst  at 
Ptak,  Noel  and  Associates.  (See  “7  virtualization 
management  companies  to  watch,”  www.nwdocfinder.com/7123.) 

IN  THE  FIELD:  Alcatel-Lucent  uses V-Commander  to  combat  the 
virtual-machine  challenges  that  occur  as  the  company  consoli¬ 
dates  and  centralizes  its  data  centers,  increasing  the  overall  volume 
of  virtualization. 

Advanced  Micro  Devices  deployed  V-Commander  to  maintain  con¬ 
trol  while  it  adapted  server  virtualization  from  a  consolidation  proj¬ 
ect  to  a  data-center  architecture. 

Zentra  Computer  Technologies  takes  advantage  ofV-Commander’s 
policy-based  management  and  control,  automation  and  operational 
oversight  to  avoid  the  inherent  risks  of  virtual  servers. 


5.  EMC’S  ENTERPRISE  FLASH  DRIVES 


AVAILABILITY:  Enterprise  flash  drives  are  available  now  in  the 
Symmetrix  DMX-4;  they  will  be  available  for  the  Clariion  CX4  storage 
systems  this  month. 

PRICING:  The  EMC  Symmetrix  DMX-4  with  flash  drives  starts  at 
$250,000;  the  Clariion  CX4  with  flash  drives  starts  at  $31,185. 

WHAT  THEY  DO:  Solid-data,  flash-based  drives  should  speed  the 
performance  and  reduce  the  power  consumption  of  EMC  storage 
systems;  the  company  reports  that  the  flash  drives  deliver  single¬ 
millisecond  application-response  times  — 

10  times  faster  than  the  response  time  of 
traditional  Fibre  Channel  drives.  EMC 
combines  single-layer,  cell  flash  technol¬ 
ogy  and  controllers  for  ultrafast  read-and- 
write  performance,  high  reliability,  and  de¬ 
pendable  data  integrity  Users  should  be 
able  to  provision,  manage,  replicate  and 
move  data  among  the  flash  drives  and 
Fibre  Channel  and  Serial  Advanced 
Technology  Attachment  disk  drives. 

WHY  THEY’RE  IMPORTANT:  Although 
there  is  a  range  of  possible  solid-state  stor¬ 
age  options,  there  is  little  doubt  that  flash 
technology  will  become  a  significant  con¬ 
tributor  to  the  next-generation  enterprise. 

Some  of  the  positive  attributes  are  well 
known:  Mainly,  compared  with  standard 
spinning  disks,  the  technologies  provide 
extremely  high  I/O  rates  with  low  la¬ 
tency  and  low  consumption  of  power 
and  space.  Cost  is  viewed  as  an  imped¬ 
iment  to  adoption,  but  that  could  soon 
change  as  we  start  to  measure  storage 
devices  in  terms  of  I/O  and  kilowatts,” 
says  Mark  Peters,  analyst  at  Enterprise 
Strategy  Group. 

IN  THE  FIELD:  EMC  has  not  disclosed 
users  of  its  enterprise  flash  drives. 


6.  GAINSPAN’S  GS1010 
CHIP  AND  SOFTWARE 


AVAILABILITY:  Now 
PRICING:  Not  applicable. 

WHAT  THEY  DO:  GainSpan’s  GS1010  dual-core,  ARM-architecture 
system-on-a-chip  and  management  software  work  together,  via  an 
802.1 1  b/g  implementation,  to  extend  the  life  of  batteries  in  wireless- 
network  sensors  and  other  devices. Sensors, such  as  those  used  in  build¬ 
ing  automation,  transportation  and  supply  chain  management,  can  tap 
into  a  company’s  Wi-Fi  infrastructure  and  run  as  long  as  10  years  on  a 
single  AA  battery  the  company  says.  See  Products,  page  36 
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With  the  world’s  data  growing  dramatically,  IBM  storage  virtualization  solutions 
can  help  you  gain  control  in  a  responsible,  energy-efficient  way.  The  IBM 
System  Storage  SAN  Volume  Controller  can  reduce  storage  growth  by  up  to 
20%  and  boost  utilization  by  as  much  as  30%.  And  combined  with  IBM  tape 
solutions,  some  companies  have  reduced  their  TCO  by  as  much  as  50%'.  A 
greener  world  starts  with  greener  business.  Greener  business  starts  with  IBM. 

SYSTEMS.  SOFTWARE.  SERVICES.  FOR  A  GREENER  WORLD. 

Get  our  storage  virtualization  whitepaper  at  ibm.com/green/info 
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WHY  THEY’RE  IMPORTANT:  The 

chip  and  software  introduce  the  combi- 
nation  of  IP  and  the  802. 1 1  wireless  LAN 
standard  as  a  viable  and  proven  network 

technology  for  wireless-sensor  networks  that  can  be  integrated  eas¬ 
ily  with  the  enterprise  without  gateways  or  separate  networks  and 
protocol  stacks.  (See  “Nine  wireless  companies  to  watch,”  www.nw 
docfinder.com/7124.) 

IN  THE  FIELD:  GainSpan  would  not  release  specific  customer 
names,  but  says  its  technology  is  used  in  Wi-Fi-based  thermostats  and 
IP-based  monitoring  and  management  systems  for  energy  monitor¬ 
ing  and  management  in  commercial  buildings,  as  well  as  in 
demand-response  units  with  a  Wi-Fi  thermostat  and  electric  meters 
with  Internet  connectivity  through  home  broadband  connections.  In 
addition,  supply-chain  management  and  logistics  companies  are 
using  the  technology  for  asset-  and  people-tracking  using  Wi-Fi  loca¬ 
tion  and  sensor  tags. 


7.  MOKAS’S  MOKAFIVE 
VIRTUAL  DESKTOP 

AVAILABILITY:  Now 

PRICING:  Annual  license  fees  are  $79  to  $99  per  user  depending 
on  volume,  and  include  the  cost  of  support  and  hosting. 

WHAT  IT  DOES:  MokaFive  Virtual  Desktops  software-as-a-service 
offering,  lets  IT  managers  create,  deploy  monitor,  patch,  secure  and 
update  the  vendor’s  LivePC  virtual-desktop  environments.  The  cen¬ 
tralized  administration  console  also  lets  IT  teams  run  multiple  virtual 
desktops  on  a  single  machine  to  guarantee  a  secure  separation 
between  work  and  personal  applications.  MokaFive  locally  caches 
LivePC  images  so  users  can  work  offline.  If  a  virtual  desktop  experi¬ 
ences  a  security  problem  because  of  malware,  spyware  or  other 
threats,  it  can  be  rebooted  to  a  previous,  uninfected  state. 


Moka5’s  Virtual  Desktop  enables  disaster 
recovery  and  mobility,  provides  management  over 
deployment  with  individual  revoke  and  kill  options 
and  supports  organizationwide  deployment 
of  LivePC  virtual-machine  updates. 


Server 


MokaFive  player: 
Disaster  recovery  and  mobility 


MokaFive  management  console: 
Compliance  and  security 


WHY  IT’S  IMPORTANT:  Desktop  virtualiza¬ 
tion  is  the  fastest  growing  of  all  virtualization 
technologies.  The  drivers  are  greater  workforce 
mobility,  faster  repair  times,  less  downtime, 
reduced  security  risk,  improved  compliance,  and  lower  costs  for 
business  units  and  IT  departments.  To  achieve  this  success,  enter¬ 
prises  need  to  focus  on  making  sure  they  accommodate  user  differ¬ 
ences;  ensure  compatibility  between  desktop  virtualization  and  the 
workloads  they  have  to  handle;  plan  around  network  issues,  such  as 
low  bandwidth  or  connection  dropouts  that  would  cause  slow¬ 
downs  or  downtime  for  virtual  desktops;  and  create  and  test  high 
availability  for  critical  servers  delivering  remote,  server-based  virtual 
desktops,”  EMAs  Mann  says. 

IN  THE  FIELD:  IT  administrators  at  Panasonic  Emerging 
Advanced  RF  Laboratory  use  MokaFive  Virtual  Desktop  to  carry  out 
business-continuity  and  disaster-recovery  plans  while  remaining 
compliant.  In  a  disaster,  they  could  access  virtual  desktop  images 
safely  via  an  encrypted  USB  and  VPN  on  any  PC. 

With  the  MokaFive  Virtual  Desktop,  law  firm  Fenwick  &  West  creates 
sandbox  environments  for  evaluating  new  technologies  from  its 
patent  and  trademark  group’s  clients.  Attorneys  can  install  and  test 
the  clients’  products  without  jeopardizing  the  stability  of  their  cor¬ 
porate  work  environment. 


8.  PALO  ALTO  NETWORKS’  PA-4000 
AND  PA-2000  SERIES  NEXT-GENERA¬ 
TION  FIREWALLS 

AVAILABILITY:  Now 

PRICING:  The  PA4050,  which  supports  up  to  lOGbps  throughput, 
costs  $60,000.  The  PA-4020,  which  supports  up  to  2Gbps  throughput, 
costs  $35,000.  The  PA-2050,  which  supports  up  to  lGbps  throughput, 
costs  $16, 000. The  PA-2020,  which  supports  up  to  500Mbps  throughput, 
costs  $12,000. 

WHAT  THEY  DO:  These  firewalls  com¬ 
prise  a  trio  of  technologies  that  monitor 
applications,  users  and  content  to  detect 
network  threats:  App-ID  classifies  applica¬ 
tion  traffic  regardless  of  its  port, 
protocol  or  SSL  en¬ 
cryption;  User-ID 
taps  into  Microsoft’s 
Active  Directory  to 
map  policies  to  user 
activity;  and  the 
Content-ID  inspection 
engine  blocks  file  transfers  and  controls  Web 
surfing  to  thwart  content-based  threats.The  focus  on  such  “business¬ 
relevant”  application,  user  and  content  information  improves  overall 
security  Palo  Alto  says. 

WHY  THEY’RE  IMPORTANT:  The  Palo  Alto  firewalls  change  the 
way  enterprises  do  outbound  firewalling.“For  a  long  time,  [companies] 
either  had  an  ‘unlimited  outbound  policy’ — which  was  a  bad  idea  but 
the  only  option  due  to  lack  of  tools  —  or  blocked 
most  outbound  and  required  all  Web-based  traffic 
to  go  through  a  proxysuch  as  Blue  Coat  Systems  or 
IronFbrt  Systems  [now  part  of  Cisco].  With  Palo 
Alto’s  products,  security  managers  can  actually 
control  in  fine  detail  what  the  users  are  allowed  to 
do  on  the  Internet. The  deep  knowledge  of  appli¬ 
cation,  rather  than  simple  dependence  on  ports, 
helps  to  both  define  what  is  and  isn’t  allowed  and 
to  catch  various  tricks  people  use  to  sneak 
through  enterprise  firewalls  and  get  around  pol¬ 
icy’  says  Joel  Snyder,  senior  partner  at  Opus  One 
and  Network  World  product  tester. 

IN  THE  FIELD;  Koch  Logistics,  a  global 
transportation,  shipping  and  distribution  logis¬ 
tics  provider,  uses  the  firewalls  to  set  and 

See  Products,  page  38 


The  high-end  PA-4050 
firewall  supports  up  to 
lOGbps  throughout  for 
outbound  firewalling. 


MokaFive  creator: 
Provisioning  and  updating 
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Take  the  first  step  toward  a  greener  datacenter  at  ibm.com/green/services 
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Today,  datacenters  eat  up  to  30  times  more  energy  per  square  foot  than  a 
typical  office.  The  answer:  IBM  green  datacenter  and  IT  services.  They 
can  help  you  implement  a  conservation  policy  and  measure,  manage  and 
report  on  real  results  against  it.  Many  IBM  customers  have  doubled  their 
IT  capacity;  others  have  reduced  energy  costs  by  40%  or  more.  A  greener 

world  starts  with  greener  business.  Greener  business  starts  with  IBM. 
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Products  continued  from  page  36 

enforce  policies  and  scan  for  threats  at  the  application  level. 

Mercy  Medical  Center,  a  healthcare  facility  and  teaching  hospital 
for  the  University  of  Maryland,  implemented  the  firewalls’  policy- 
enforcement  features  to  secure  network  access  for  staff,  contractors 
and  more  than  50,000  patients.  Mercy  has  the  visibility  and  control 
needed  to  keep  the  network  open  while  protecting  patient  privacy 

Western  &  Southern  Financial  Group,  a  financial  services  firm 
with  more  than  $48  billion  in  assets,  uses  the  firewall  to  identify 
malicious  software  on  desktops,  shut  down  evasive  applications 
and  threats,  and  pinpoint  the  locations  of  application  sources  and 
destinations  worldwide. 


9.  VKERNEL’S  CAPACITY  ANALYZER. _ 

CHARGEBACK  AND  MODELER  APPLIANCES 


AVAILABILITY:  Capacity  Analyzer  and  Chargeback  are  available 
now,  as  is  a  beta  version  of  Modeler. 

PRICING:  All  start  at  $199  per  CPU  socket. 

WHAT  THEY  DO:  These  virtual  appliances  work  individually  or 
together  to  gain  visibility  into  virtual  environments,  which  leads  to 
greater  overall  operating  efficiencies.  Capacity  Analyzer  identifies 
and  prevents  inappropriate  allocations  of  such  shared  resources 
as  CPU,  memory,  storage  and  network.  Chargeback  gives  IT  teams 
a  way  to  measure  and  recover  the  costs  associated  with  depart¬ 
ments’  use  of  virtual  machines.  And  Modeler  enables  IT  staff  to 
safely  model  and  validate  VMware  ESX  changes  to  avoid  produc¬ 
tion-environment  problems. 

WHY  THEY’RE  IMPORTANT:  “In  virtualization  deployments, 
business  owners  are  starting  to  demand  chargeback  and  other 
metrics  as  a  way  to  ensure  they  are  getting  the  resource  allocations  that 
they  are  paying  for,  and  IT  is  using  these  metrics  to  prove  to  business 
owners  that  they  are  saving  money  on  infrastructure  without  any  per¬ 
formance  degradations,”  EMAs  Mann  says. 

IN  THE  FIELD:  Berry  College  in  Mount  Berry,  Ga.,  uses  the 
Chargeback  virtual  appliance  to  control,  monitor  and  charge  back 
resources  in  real  time  for  each  virtualization  project.  The  school  relies 
on  Chargeback’s  detailed  reporting  to  provide  users  with  information 
about  resource  consumption  and  costs. 

Game  and  toy  maker  Hasbro  uses  VKernel’s  virtual  appliances  to  get 
an  insight  into  its  VMware  ESX  environment’s  use  of  capacity  For 
instance,  the  company  monitors  its  Top  5  resource-consumers  to  archi¬ 
tect  resource  pools  better.lt  also  uses  the  tools  to  check  the  impact  new 
virtual  machines  have  on  the  overall  environment. 

Hovensa,a  global  refinery,  uses  VKernel  Capacity  Bottleneck  Analyzer 
to  monitor  its  VMware  ESX  environment  and  allocate  shared  resources 
among  virtual  machines. 
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VKernel’s  Modeler  tool  will  enable  modeling  and  VMware  ESX  change- 
validation  fpr  problem  avoidance. 


Navigate 

Please  use  left  and  right  mouse  buttons 

-i _ }  Virtual  Environment 

±j  jrT|  Vkernel 

g  Q  Models 

3  &  August  changes 
IS  |3  192.168.16.55 
Hj|j  newcust 
a  tlil  Network  Topology 
a  ^Default 

0  U3  Ownership  Boundaries 
a  &j|Common 

SI  |§  192.168.16.55 
a^jDev 

a  .  J  Network  Topology 
©  3  Ownership  Boundaries 
a  -  ^Templates  Library 

_ New  templates _ 


« 


Identifies  the  top  5  hosts,  clusters  or  resource  pools  that  have  bott 


ordered  by  highest  severity . 

Virtual  Object 

Constraining 

Resource 

ft  Cluster  Dev 

Memory 

ft  Cluster  Dev 

$  CPU 

ft  Cluster  Dev 

: 

: 

Storage 

Zoom  In 

10.  WIRELESS  GRIDS’ 

INNOVATICUS  SOFTWARE 

AVAILABILITY:  Will  be  released  in  beta  in  November  with  virtual 
file-sharing. 

PRICING:  A  beta  evaluation  license  will  cost  $75,000  plus  a  nego¬ 
tiable  per-user  license  fee. 

WHAT  IT  DOES:  With  Innovaticus  software,  users  can  break  down 
the  barriers  between  their  wired  and  wireless  network  devices.  Using 
automated  negotiating  technology,  Innovaticus  links  files,  speakers, 
printers,  microphones,  cameras  and  screens  into  a  single  mashup. 
Then  users  can  extend  those  mixed  resources  to  their  friends,  co¬ 
workers  or  other  Innovaticus  users. 

WHY  IT’S  IMPORTANT:  Think  of  Innovaticus  as  a  structure  for 
mobile  spontaneity: Your  personal  or  business  devices  become  part 
of  an  interoperable  grid  that  amplifies  what  you  can  do  but  lets  you 
do  it  with  and  through  the  resources  others  make  available.  (See 
“Nine  wireless  companies  to  watch,”  www.nwdocfinder.com/7124.) 

IN  THE  FIELD:  Carnegie  Mellon  University, 
Clear  Channel  Communications  and  Syracuse 
University  use  Innovaticus  to  let  users  create 
ad  hoc  device  networks  that  other  users  can 
tap  into  to  share  photos,  files,  printers  and 
other  resources. 


Gittlen,  a  freelance  technology  writer  in  the  Greater 
Boston  area,  can  be  reached  at  sgittlen@veri 
zon.net. 
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SECURITY  INNOVATIONS 

Go  online  for  a  roundtable  chat 
among  Network  World  bloggers  and  colum¬ 
nists  about  the  best  new  security 
products,  technologies  and  strategies. 
www.nwdocfinder.com/71 26 
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/tITRoadmap 

CONFERENCE  &  EXPO  I 


SAN  FRANCISCO  MONDAY,  NOV.  17,  2008 


ATTEND  FREE!  www.networkworld.com/RM8SFA3 


NETWORK  WORLD’S  IT  ROADMAP  IS  COMING 
BACK  TO  SAN  FRANCISCO.  The  premiere  1-day 
event  that  moves  as  fast  as  the  technology  it 
covers.  Be  here  for  the  10  most-challenging  topics 
in  technology.  Surrounded  by  a  private  expo  with 
ready-to-roll  solutions  enterprise-wide.  Join  us 
as  we  bring  together  IT’s  brightest  analysts,  best 
vendors,  and  most-innovative  users  to  give  you 
a  year’s  worth  of  insights  and  advancements  on 
issues  that  weren’t  even  opportunities  12 
months  ago. 

QUALIFIED  ITR  ALUMNI  -  YOU’RE  PRE  APPROVED! 


Go  from  0-to-60  solutions  on  10  of  IT’s  fastest  tracks. 

The  information  is  rich.  The  technology  is  deep.  And  the  focus  is  on  results  in 
every  corner  of  your  enterprise. 


Threat-eliminating  security  for 
decentralized  nets 
Blueprint  of  the  new  data  center 
Architecture  for  big-picture  wireless 
Four  stages  of  smart-solution  NAC 
Optimization  secrets  of  app 
acceleration 


Knock-knock-knocking  on  NOC’s 
expanded  role 

Ethernet  unleashed  in  the  WAN 
Virtualization  for  thin-client  desktops 
Clarity  amidst  the  UC  confusion 
Remote  and  mobile  VoIP  build  outs 
Plus  dozens  more  solutions! 


It’s  the  essential  IT  event  where  you  can  bring  your  entire  team,  cover  it  all, 
and  take  away  technology’s  most  effective  solutions  in  just  one  day.  So  register 
now.  Save  the  date.  And  join  us  as  IT  Roadmap  rolls  into  San  Francisco. 

QUALIFY  TO  ATTEND  FREE 

www.networkworld.com/RIVI8SFA3  1  -800-643-4668 
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Featured  Reviews 


WWmWm  by  Jill  on  07/28/2008 

My  stay  at  the  Lime  Tree  Hotel  was  wonderful.  I  relaxed  at  the 
spa  and  enjoyed  the  delicious  food.  I  can't  wait  to  come  back' 


by  Barbara  on  07/23/2008 

Great  location,  nice  hotel  with  pleasant  staff  makes  the  Urn 
Tree  Hotel  a  perfect  vacation  destination.  The  rooms  wen 
luxurious  and  the  room  service  catered  to  your  every  need 
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Wmm  mm  by  Tony 

Good  hotel  for  families  and  couple 
is  excellent  for  relaxing  and  the 
have  too  far  to  go  for  a  drink 


The  internet  provides  small  to  medium-sized 
businesses  great  opportunities  to  grow  by  opening 
their  offers  to  millions  of  web  users.  It's  especially 
important  to  build  trust  and  a  good  company  image 
in  order  to  succeed  on  the  web. 

Is  there  a  way  to  quickly  build  a  positive  online  reputation? 

Simply  give  your  satisfied  customers  the  ability  to  publish  feed¬ 
back  on  your  website!  RatePoint  is  a  leading  provider  of  online 
reputation  systems  and  will  ensure  customers  that  your  reviews 
are  credible  and  trustworthy. 

The  RatePoint  Site  Seal  gives  instant  visual 
feedback  to  visitors,  allowing  them  to  see  that 
your  business  is  credible,  safe  and  trustworthy, 
E&233I23  With  one  click,  visitors  can  easily  read  reviews 
and  write  comments. 

In  the  event  that  you  do  receive  negative  feedback,  RatePoint 
automatically  uses  the  Dispute  Resolution  Tool  to  verify  the  review. 
It  offers  you  the  opportunity  to  resolve  the  issue  before  the  review 
is  viewable  on  your  site  and  gives  you  the  chance  to  improve  your 
customer  service  and  retain  more  customers. 

1&1  is  including  RatePoint  for  free  with  all  business 
hosting  packages!  So,  what  are  you  waiting  for? 


Rote  &  Review  » 


Reputation  is  Everything 


ffi With  a  wide  variety  of  products  and  hosting  packages,  superior  data  center  technology,  excellent  reliability,  special 


offers,  gtejat  prices  and  a  90-Day  Money  Back  Guarantee,  it's  no  wonder  customers  trust  1&1  as  their  web  host  company! 

B  V:  .  -  '  ■.l;V  ■  \  .-::r 


aSK  aKS  *31.  IsS  .St 

The  hotel  restaurant ! 

■1  •- 

stocked  with  fresh  ; 

lime  Tree  to  any  ' 

enjoyed  our  si  a 

V  » .  ^ 

1&1  Business  Website! 


Limited  Time 
Offer! 


Let  customer 
feedback  work  for 
your  business! 


Included  Domain  Names 
(.com,  .net,  .org,  .info  or  .biz) 


Web  Space 


Monthly  Transfer  Volume 


I^RatePoint" 


Reputation  is  Everything 


Mailbox  Size 


RatePoint  Tools 


Website  Builder 
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©  2008  1&1  Internet,  Inc.  All  rights  reserved. 

Visit  1and1.com  for  details.  Prices  based  on  comparable  Linux  web  hosting  package  prices,  effective  8/26/2008. 
*  Offer  valid  only  for  1&1  Business  and  Developer  web  hosting  packages,  Professional  and  Advanced  eShops, 
and  all  Managed  Servers.  For  full  promotional  offer  details,  visit  www.1and1.com.  Product  and  program 
specifications,  availability,  and  pricing  subject  to  change  without  notice. 

**  Offer  valid  for  .biz  only.  After  first  year,  standard  pricing  applies. 
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Experts  share  best  practices  for  optimizing  strategic  virtualization  initiatives 


nologies  in  multiple  areas,  such  as  servers  and  desktops,  or  with 
partnerships  across  IT  domains  could  help  IT  managers  better 
design  their  virtualization-adoption  road  maps.  More  important, 
however,  is  preventing  virtualization  implementations  from  creating 
more  problems  via  poor  communications  or  antiquated  organiza¬ 
tional  charts,  industry  watchers  say. 

“With  ITIL  and  other  best-practice  frameworks,  IT  has  become  better 
at  reaching  out  to  other  groups,  but  the  speed  at  which  things  change 
in  a  virtual  environment  could  hinder  that  progress,” says  Jasmine  Noel, 
a  principal  analyst  at  Ptak,  Noel  and  Associates.“IT’s  job  is  to  evolve  with 
the  technology  and  adjust  its  best  practices,  such  as  change  manage 
ment.to  new  technologies  like  virtualization.”  See  Virtualization,  page  44 


virtualization  projects 
gain  scale  and  strate¬ 
gic  value,  enterprise  IT 
managers  must  move 
quickly  beyond  tacti¬ 
cal  approaches  to 
achieve  best  results. 

Consider  these  Gartner  forecasts:  More  than  4  million  virtual 
machines  will  be  installed  on  x86  servers  by  2009,  and  the 
number  of  virtualized  desktops  could  grow  from  less  than  5 
million  in  2007  to  660  million  by  2011.  The  popularity  of  vir¬ 
tualizing  x86  server  and  desktop  resources  has  many  enter¬ 
prise  IT  managers  reassessing  ways  to  update  already  virtual¬ 
ized  network  and  storage  resources,  too. 

Virtualization’s  impact  will  spread  beyond  technology 
changes  to  operational  upheaval.  Not  only  must  enterprise  IT 
executives  move  from  a  tactical  to  a  strategic  mindset  but 
they  also  must  shift  their  thinking  and  adjust  their  processes 
from  purely  physical  to  virtual. 

“Enterprise  IT  managers  are  going  to  have  to  start  thinking 
virtual  first  and  learn  how  to  make  the  case  for  virtualiza¬ 
tion  across  IT  disciplines,”  says  James  Staten,  principal  ana¬ 
lyst  at  Forrester  Research.  “This  will  demand  they  change 
processes.  Technologies  can  help,  but  if  managers  don’t 
update  their  best  practices  to  handle  virtual  environments, 
nothing  will  get  easier.” 

Here  enterprise  IT  managers  and  industry  watchers  share 
best  practices  they  say  will  help  companies  seamlessly  grow 
from  30  to  3,000  virtual  machines  without  worry 


1.  Approach  virtualization  holistically 

Companies  considering  standardizing  best  practices  for 
x86-based  server  virtualization  should  think  about  how  they 
plan  to  incorporate  desktop,  application, storage  and  network 
virtualization  in  the  future. 

IT  has  long  suffered  from  a  silo  mentality  with  technology 
expertise  living  in  closed  clusters. The  rapid  adoption  of  virtualization 
could  exacerbate  already  strained  communications  among  such  IT 
domains  as  server,  network,  storage,  security  and  applications. 

“This  wave  of  virtualization  has  started  with  one-off  gains,  but  to 
approach  the  technology  strategically  IT  managers  need  to  look  to 
the  technology  as  achieving  more  than  one  goal  across  more  than 
one  IT  group,”  says  Andi  Mann,  research  director  at  Enterprise 
Management  Associates. 

To  do  that,  an  organization’s  virtualization  advocates  should 
champion  the  technology  by  initiating  discussions  among  various 
IT  groups  and  approaching  vendors  with  a  broad  set  of  require¬ 
ments  that  address  short-  and  long-term  goals.  Vendors  with  tech¬ 


with  virtualization 
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2,  Identify  and  inventory 
virtual  resources 

Understanding  the  resources  available  at 
any  given  time  in  a  virtual  environment 
requires  enterprise  IT  managers  to  enforce 
strict  processes  from  a  virtual  machine’s  birth 
through  death  (see “The  life  and  death  of  a  vir¬ 
tual  machine,”  www.nwdocfinder.com/7125). 

Companies  need  a  way  to  identify  virtual 
machines  and  other  resources  throughout 
their  life  cycles,  says  Ftete  Lindstrom,  research 
director  at  Spire  Security  The  type  of  virtual- 
machine  tagging  he  suggests  would  let  IT 
managers  “persistently  identify  virtual- 
machine  instances  over  an  extended  period 
of  time,”  and  help  to  maintain  an  up-to-date 
record  of  the  changes  and  patches  made  to 
the  original  instance.  The  process  would  pro¬ 
vide  performance  and  security  benefits 
because  IT  managers  could  weed  out  prob¬ 
lematic  virtual  machines  and  keep  an  accu¬ 
rate  inventory  of  approved  instances. 

“The  ability  to  track  virtual  machines 
throughout  their  life  cycles  depends  on  a 
more  persistent  identity  scheme  than  is 
needed  in  the  physical  world.  IT  needs  to 
know  which  virtual  resources  it  created  and 
which  ones  seemed  to  appear  over  time,” 
Lindstrom  explains.  “The  virtual  world  is  so 


“CERTIFICATIONS  ARE  RARE,  THOUGH 
I  DO  HAVE  TWO  [VMWARE  CERTIFIED 
PROFESSIONALS]  ON  MY  STAFF? 


-  ROBERT  JACKSON,  director  of  infrastructure, 
Reliance  Limited  Partnership 


much  more  dynamic  that  IT  will  need  granu¬ 
lar  identities  for  virtual  machines  and  [net¬ 
work-access  control]  policies  that  trigger 
when  an  unknown  virtual  machine  is  in  the 
environment.  Rogue  virtual  machines  can 
happen  on  the  client  or  the  hypervisor” 

Discovery  technology  also  serves  an  impor¬ 
tant  role  in  maintaining  an  accurate  inventory 
of  virtual  resources,  says  Glenn  O’Donnell,  a 
Forrester  senior  analyst.Trom  a  high  level,  the 
ITIL  processes  around  managing  configura¬ 
tion,  change,  incidents  or  problems  doesn’t 
change;  but  virtualization  adds  another  layer 
of  abstraction  and  numerous  configuration 
items  that  need  to  be  incorporated  into  exist¬ 
ing  processes,”  he  says. 

For  instance,  using  such  tools  as  BMC  Soft¬ 
ware’s  Topology  Discovery  EMC’s  Application 
Discovery  Manager  or  mValent’s  Integrity, an  IT 
manager  could  perform  an  ongoing  discovery 
of  the  environment  and  track  how  virtual 
machines  have  changed.  Manual  efforts 
couldn’t  keep  pace  with  the  configuration 
changes  that  would  occur  because  of,say,VM- 
ware  VMotion  or  Microsoft  Live  Migration 
technologies.  “IT  has  to  stay  on  top  of  a  lot 
more  data  in  a  much  more  dynamic  environ¬ 
ment,”  O’Donnell  says. 

3.  Plan  for  capacity 

Just  because  virtual  machines  are  faster  to 
deploy  than  physical  ones,  the  task  shouldn’t 
be  taken  lightly“If  you  are  not  careful, you  can 
have  a  lot  of  virtual  machines  that  aren’t  being 
used,” says  Ed  Ward, senior  technical  analyst  at 
Hasbro  in  Pawtucket,  R.I.  He  speaks  from  the 
experience  of  supporting  22  VMware  ESX  host 
servers,  330  virtual  machines,  100  workstations 
and  250  physical  machines. 

To  prevent  virtual-machine  sprawl  and  to 
curb  spending  for  licenses  and  power  for 
unused  machines, Ward  says  he  usesVKemel’s 
Capacity  Analyzer  virtual  appliance.  It  alerts 
him  to  all  the  virtual  machines  in  his  environ¬ 
ment,  even  those  he  thought  he  had  removed. 

“There  are  cases  in  which  you  build  a  virtual 
machine  for  test  and  then  for  some  reason  it 
is  not  removed  but  rather  it’s  still  out  there 
consuming  resources,  even  though  it  is  serv¬ 
ing  no  purpose, "Ward  says.“Knowing  what  we 
already  have  and  planning  our  investments 
based  on  that  helps.  We  can  reassign  assets 
that  have  outlived  their  initial  purpose.” 

When  they  create  virtual  machines,  IT  man¬ 
agers  also  must  plan  for  their  deletion.“Assign 
expiration  dates  to  virtual  machines  when 
they  are  allocated  to  a  business  unit  or  for  use 
with  a  specific  application;  and  when  that 
date  comes,  validate  the  need  is  no  longer 
there  and  expire  the  resource,”  Forrester’s 
Staten  says.  “Park  a  virtual  machine  for  three 
months  and  if  it  is  no  longer  needed,  archive 
and  delete.  Archiving  keeps  options  open 
without  draining  storage  resources  or  having 
the  virtual  machine  sitting  out  there  consum¬ 
ing  compute  resources.” 

4.  Marry  the  physical  and  virtual 

IT  managers  must  choose  the  applications 
supported  by  virtual  environments  wisely, 


say  experts,  who  warn  _ 

that  few  if  any  IT  services  fcssssSESTTS 
will  rely  only  on  the  vir¬ 
tual  infrastructure. 

“While  some  environments  could  support 
virtual-only  clusters  for  testing,  the  more  com¬ 
mon  scenario  would  have,  for  instance,  two 
virtual  elements  and  one  physical  one  sup¬ 
porting  a  single  IT  service,”  says  Cameron 
Haight,  a  Gartner  research  vice  president.  “IT 
still  needs  to  correlate  performance  metrics 
and  understand  the  profile  of  the  service  that 
spans  the  virtual  and  physical  infrastructures. 
Sometimes  people  are  lulled  into  a  false  sense 
of  security  thinking  the  tools  will  tell  them 
what  they  need  to  know  or  just  do  [the  corre¬ 
lation]  for  them.” 

IT  managers  should  push  their  vendors  for 
reporting  tools  that  not  only  show  what’s  hap¬ 
pening  in  the  virtual  realm  but  also  display 
the  physical  implications  —  and  potentially 
the  cause  —  of  an  event.  Detailed  views  of 
both  environments  must  be  married  to  corre¬ 
late  why  events  take  place  in  both  realms. 

For  instance,  if  utilization  on  a  host  server 
drops  from  20%  to  10%,  it  would  be  helpful 
to  know  the  change  came  about  because 
VMware  Distributed  Resource  Scheduler 
(DRS)  moved  virtual  machines  to  a  new 
physical  server,  Haight  says.  In  addition, 
knowing  when  and  where  virtual  machines 
migrate  can  help  prevent  a  condition 
dubbed  “VMotion  sickness”  from  cropping 
up  in  virtual  environments.  This  occurs 
when  virtual  move  repeatedly  across  servers 
—  and  bring  problems  they  might  have  from 
one  server  to  the  next,  Haight  says.  Proper 
reporting  tools,  for  example,  could  help  an 
administrator  understand  that  a  perform¬ 
ance  problem  is  traveling  with  a  virtual 
machine  unbeknown  to  DRS. 

5.  Eliminate  virtual  blind  spots 

The  fluid  environment  created  by  virtualiza¬ 
tion  often  includes  blind  spots.“We  monitor  all 
physical  traffic,  and  there  is  no  reason  why  we 
wouldn’t  want  to  do  the  same  for  the  virtual 
traffic.  It’s  a  huge  risk  not  knowing  what  is 
going  on,  especially  when  the  number  of  vir¬ 
tual  servers  is  double  what  you  have  for  phys¬ 
ical  boxes,”  says  Nick  Fbrtolese,  senior  man¬ 
ager  of  data  center  operations  at  Nielsen 
Mobile  in  San  Francisco. 

Fbrtolese  supports  an  environment  with 
about  30  VMware  ESX  servers  and  500  to  550 
virtual  machines.  Early  on,  he  realized  he  was¬ 
n’t  comfortable  with  the  amount  of  network 
traffic  he  could  monitor  in  his  virtual  environ¬ 
ment.  Monitoring  physical  network  traffic  is  a 
must, but  he  found  the  visibility  into  traffic  with¬ 
in  the  virtual  environment  was  non-existent. 

Start-up  Altor  Networks  provided  Fbrtolese 
with  what  he  considered  necessary  tools  to 
track  traffic  in  the  entire  environment. 
Altor’s  Virtual  Network  Security  Analyzer 
(VNSA)  views  traffic  at  the  virtual  —  not  just 
the  network  —  switch  layer.  That  means 
inter-virtual-machine  communications  or 
even  virtual  desktop  chatter  won’t  be  lost  in 
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transmission,  the  company  says.VNSA  provides 
a  comprehensive  look  at  the  virtual  network 
and  analyzes  traffic  to  give  network  security  managers  a  picture  of 
the  top  application  talkers,  most-used  protocols  and  aspects  of  vir¬ 
tualization  relevant  to  security.  It’s  a  must-have  for  any  virtual  envi¬ 
ronment,  Portolese  says. 

“We  didn’t  have  anything  to  monitor  the  virtual  switch  layer,  and  for 
me  to  try  to  monitor  at  the  virtual  port  was  very  difficult.  It  was  impossi¬ 
ble  to  tell  which  virtual  machine  is  coming  from  where,”  Fbrtolese 
explains.“You  will  get  caught  with  major  egg  on  your  face  if  you  are  silly 
enough  to  think  you  don’t  have  to  monitor  all  traffic  on  the  network.” 


6.  Charge  hack  for  virtual  resources 

Companies  with  chargeback  policies  should  apply  the  practice  to 
the  virtual  realm,  and  those  without  a  set  process  should  institute 
one  before  virtualization  takes  off. 

Converting  physical  resources  to  virtual  ones  might  seem  like  a  no- 
brainer  to  IT  folks,  who  can  appreciate  the  cost  savings  and  adminis¬ 
tration  changes,  but  business  units  often  worry  that  having  their  appli¬ 
cation  on  a  virtual  server  might  affect  performance  negatively  Even  if  a 
company’s  structure  doesn’t  support  the  IT  chargeback  model,  busi¬ 
ness  units  might  be  more  willing  to  get  on  board  with  virtualization  if 
they  are  aware  of  the  related  cost  savings,  Forrester’s  Staten  says. 

“IT  can  provide  some  transparency  to  the  other  departments  by 
showing  them  what  they  can  gain  by  accepting  a  virtual  server. This 
includes  lower  costs,  faster  delivery  against  [service-level  agree 
ments],  better  availability  moresecure  disaster  recovery  and  the 
most  important  one  —  [shorter  time  to  delivery].  It  will  take  six 
weeks  to  get  the  physical  server,  but  a  virtual  server  will  be  over  in 
more  like  six  hours,”  Staten  says. 

In  addition, chargeback  policies  would  be  an  asset  to  IT  groups  look¬ 
ing  to  regain  some  of  their  investment  in  virtualization.  At  Hasbro,  IT 
absorbs  the  cost  of  the  technology  while  the  rest  of  the  company  takes 
advantage  of  its  benefits,  Ward  says.  “The  cost  of  physical  machines 
comes  out  of  the  business  department’s  budget,  but  the  cost  of  virtual 
machines  comes  out  of  the  IT  budget,”  he  says. 

7.  Capitalize  on  in-house  talent 

IT  organizations  also  must  update  staff  to  take  on  virtualization. 
Certification  programs,  such  as  the  VMware  Certified  Professional 
(VCP)  and  Microsoft’s  Windows  Server  Virtualization,  are  available, 
but  in-house  IT  staff  must  weigh  which  skills  they  need  and  how  to 
train  in  them. “Certifications  are  rare,  though  I  do  have  twoVCPs  on 
my  staff.  Most  IT  professionals  who  are  able  to  take  the  exam  and  get 
certified  would  probably  work  in  consulting,”  says  Robert  Jackson, 
director  of  infrastructure  at  Reliance  Limited  Partnership  in  Toronto. 

With  training  costing  as  much  as  $5,000  per  course,  IT  workers 
might  not  get  budget  approval. Gartner’s  Haight  recommends  assem¬ 
bling  a  group  of  individuals  from  the  entire  IT  organization  into  a 
center  of  excellence  of  sorts.  That  would  enable  the  sharing  of 
knowledge  about  virtualization  throughout  the  organization. 

“We  surveyed  IT  managers  about  virtualization  skills, and  about  one- 
quarter  of  respondents  had  a  negative  perspective  about  being  able  to 
retain  those  skills  in-house,”  Haight  says.“Disseminating  the  knowledge 
across  a  team  would  make  an  organization  more  secure  and  improve 
the  virtualization  implementation  overall  with  fewer  duplicated  efforts 
and  more  streamlined  approaches.” 

In  the  absence  of  virtualization  expertise,  Linux  proficiency  can 
help,  Hasbro’s  Ward  says. VMware  support  staff  seem  to  operate  most 
comfortably  with  that  open  source  operating  system,  he  says. 

In  general,  moving  from  pilot  to  production  means  increasing  the 
staff  for  the  daily  care  and  feeding  of  a  virtual  environment,  Ward 
says.“Tools  can  help,  but  they  can’t  replace  people.”  ■ 
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new  Nexus  7000  and  5000  data-center  switches, 
DeSanti  says. These  features  can  be  made  stan¬ 
dard-compliant  with  a  firmware  upgrade  once  the 
standards  are  complete,  he  says. 

“Consensus  has  been  achieved  on  what  the 
mechanisms  are  and  how  they  should  behave,” 
DeSanti  says.  “So,  it  is  already  possible  to  have 
products  that  will  become  standard-compli¬ 
ant,  even  if  the  standard  is  still  in  the  phase  of 
construction.” 

The  Qau  standard,  however,  is  “ambitious”  and 
may  not  be  necessary  for  initial  implementations 
of  DCE,  DeSanti  says.  Nonstandard  implementa¬ 
tions  of  congestion  notification  may  suffice. 

ForcelO,  however,  has  no  intentions  of  shipping 
pre-standard  CEE  technology  even  though  the 
University  of  New  Hampshire  already  conducted 
an  FCoE  interoperability  “plugfest.”  TTie  company 
plans  to  comply  fully  with  the  T1 1  and  DCB  stan¬ 
dards  once  they  are  solid,  Garrison  says. 

Mass  market  demand  won’t  bubble  up  until 
then,  Garrison  says.“There  still  could  be  some  hic- 


**The  biggest  [snag]  is,  what 
do  we  call  it?  Is  this  acronym 
proprietary?  Is  it  a  unified 
push  among  many  vendors?55 

Steve  Garrison 

Vice  president  of  marketing,  ForcelO 
Networks 

cups  and  bugs  that  get  discovered  that  have  to  be 
addressed  so  that’s  why  we’re  waiting,”  he  says. 

Apart  from  the  standards  efforts,  CEE  and  DCE 
may  raise  some  operational  challenges,  says 
Chuck  Hollis,  EMC’s  global  marketing  CTO. 
Convergence  might  disrupt  the  usual  data-center 
setup  in  which  three  groups  are  responsible  for 
operating  three  distinct  networks,  he  says. 

It  isn’t  clear  who  manages  a  converged  fabric, 
Hollis  says  in  a  blog  post  on  the  EMC  site.“ln  terms 
of  organizational  responsibility  we’ve  got  an  en¬ 
tirely  new  construct,  don’t  we?”  he  asks.  “I  mean, 
today  we’ve  got  separate  disciplines  and  largely 
linear  workflows  between  the  groups.  What  hap¬ 
pens  when  we  can  put  it  all  on  one  console?  And 
even  if  we  can  do  it,  will  people  want  it?” 

Nonetheless,  CEE  and  DCE  vendors  are  encour¬ 
aged  that  they’ve  agreed  on  the  technologies  to  be 
included  in  the  standards,  and  that  major  hurdles 
to  finalizing  them  —  acronyms  notwithstanding 
—  have  been  stamped  out. 

“1  don’t  see  any  show-stoppers  here  —  it’s  just 
time,”  Force  10’s  Garrison  says.This  is  just  another 
evolutionary  step.  [Ethernet]  worked  great  for 
mundane  or  typical  applications  —  now  we’re 
getting  to  time-sensitive  [applications], and  we 
need  to  have  a  little  bit  more  congestion  control 
in  there.” 

—  Senior  Writer  Jon  Brodkin  contributed  to  this 

story. 
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Four  tactics  for  surviving  the  doom,  gloom 

El 


Mark  Gibbs 


nough  already!  I’ve  had  it  with  all  of  the 
economic  doom  and  gloom.  Sure,  the 
i  market  sucks.  Sure  our  401ks  are  in  the  toi¬ 
let.  Sure,  the  government  is  spending  our 
money  and  our  children’s  money  (and  proba- 
BACKSPIN  bly  our  children’s  children’s  money),  but  really 
how  much  of  a  wuss  are  you  going  to  be? 

Here’s  what  many  IT  shops  are  doing 
wrong:  They  see  the  economic  downturn  as 
a  time  to  hunker  down,  a  time  to  dig  in,  reduce  spending,  put  new 
programs  and  initiatives  on  hold  and  batten  down  the  hatches 
hoping  they  can  last  out  the  storm. 

Wrong.  Now’s  the  time  to  let  the  competition  be  the  wuss. 

Let  the  competition  chicken  out.  Let  them  try  to  reduce  operation 
costs  and  compromise  their  business.  With  luck  they’ll  just  bleed  away 
their  forward  momentum  and  wallow  in  their  self-invented  slough  of 
despond  while  you  get  to  eat  their  lunch.  And  their  dinner. 

If  you’re  smart,  take  this  as  an  opportunity  to  not  only  keep  but  gain 
forward  momentum,  and  to  do  so  you’re  going  to  have  to  keep  spend¬ 
ing.  Not  irrationally  but  in  line  with  what  you  are  supposed  to  be  doing. 

Here’s  what  we  all  need  to  realize:  IT  isn’t  a  luxury,  it  isn’t  something 
that’s  nice  to  have,  it  is  the  only  engine  that  can  power  the  corporate 
bus.  So,  here  are  my  four  tactics  to  help  IT  survive  the  downturn: 

1.  Fight  for  your  budget.  You  know  what’s  going  to  happen:  The  CEO 
and  or  the  CFO  are  going  to  try  to  put  on  the  thumbscrews  as  if  IT 
costs  were  the  whole  problem. 

They’ll  be  whining, “You’ve  got  to  reduce  spending,”  but  don’t  let 
them  get  to  you,  especially  if  the  cuts  they  want  aren’t  across  the 
board!  Even  then,  you  know  there’s  a  level  of  budget  reduction  at 
which  IT  can’t  do  what  it  is  supposed  to  do,  and  without  IT  you 


know  your  business  is  toast.  A  nonplayer. 

You  need  to  ensure  your  budget  is  in  line  with  corporate  income 
but  don’t  allow  short-term  deficits  to  drive  expenditure.  Just  because 
the  CEO  has  planned  a  sales  meeting  in  the  Bahamas  doesn’t  mean 
that  in  financially  strapped  times  IT  should  wind  up,  in  effect,  paying 
for  the  sales  team  to  drink  pina  coladas. 

2.  Search  for  efficiencies.  The  prospect  of  unemployment  focuses 
the  mind  wonderfully,  and  your  team  needs  to  realize  that  making  IT 
more  efficient  and  effective  is  the  best  route  to  job  security. 

3.  Expose  the  inefficiencies  in  lines  of  operations.  You  own  the  data. 
You  have  access  to  every  piece  of  information  about  operations  that  is 
worth  having.  Use  it. 

If,  for  example,  manufacturing  is  missing  an  opportunity  by  not  opti¬ 
mizing  their  supply  chains  or  they  are  holding  too  much  raw  material, 
rat  'em  out.  Make  sure  the  opportunity  for  improvement  is  visible  and 
define  a  solution.  Sure,  it’s  all  getting  very  political,  but  it’s  your  liveli¬ 
hood  on  the  line. 

4.  Don’t  slow  down.  If  you  have  projects  underway  get  'em  done. 
Don’t  give  the  business  lines  an  excuse  to  claim  they  don’t  have  the 
tools.  In  fact,  work  to  make  them  admit,  publicly,  that  not  only  do  they 
have  the  tools,  but  that  they  work  and  work  right.  In  tough  times  the 
blame  game  is  the  game  that  everyone  loves  to  play  so  make  damn 
sure  you’re  not  in  anyone’s  firing  line. 

Make  no  mistake,  we  are  in  bad  times. Things  are  likely  to  get  worse 
before  they  get  better,  but  it  is  times  like  these  that  test  men’s  souls 
and  fortitude.  So,  are  you  going  to  be  a  man  or  a  mouse?  Or  a  wuss? 

Gibbs  talks  tough  in  Ventura,  Calif.  Talk  back  to  backspin@gibbs.com. 
To  see  a  version  of  this  column  with  links,  go  to  www.nwdocfind 
er.com/7164. 


An  unsettling  week  for  everyone  but  Joe 


NETBUZZ 

News,  Insights,  oddities 


The  temptation  is  to  compare  last  week’s 
economic  news  to  a  roller-coaster,  if  not 
for  the  fact  that  doing  so  would  be  a 
cliche  . . .  and  I  so  easily  become  ill  on  amuse¬ 
ment  park  rides.  OK,  I  guess  it  is  the  only  apt 
comparison,  after  all. 

Remember  Monday’s  rise  of  900  points  on 
the  Dow?  Sure  you  do. . . .  Me  neither. 

That  was  the  day  Bill  Gates  told  a  symposium 
at  the  Harvard  Business  School  that  he  expects 
the  unemployment  rate  of  6.1%  to  top  9%  before  the  dust  settles. 

“Consumer  sentiment  has  never  been  so  lowf  Gates  said.“So  no  mat¬ 
ter  how  quickly  this  gets  fixed,  you’re  still  going  to  have  an  economic 
cycle  with  a  fairly  significant  recession.” 

He  didn’t  express  any  concern  about  being  able  to  put  his  children 
through  college. 

The  market  tanked  on  Tuesday  of  course  . . .  and  again  on  Wednesday. 
But  1  read  a  story  on  Network  World’s  own  Web  site  about  Gartner 
assuring  one  and  all  that  no  matter  how  bad  things  get  they  won’t  be 
as  bad  as  ...  the  dot-com  bubble  burst. 

“In  the  worst-case  scenario,  our  research  indicates  an  IT  spending 
increase  of  2.3%  in  2009, down  from  our  earlier  projection  of  5.8%, ’’said 
Gartner  analyst  Peter  Sondergaard.“Developed  economies,  especially 
the  United  States  and  Western  Europe,  will  be  the  worst  affected,  but 
emerging  regions  will  not  be  immune.  Europe  will  experience  negative 
growth  in  2009;  the  United  States  and  Japan  will  be  flat.” 

Pass  the  party  hats. 

But  perhaps  the  week’s  most  unsettling  development  occurred  out  of 
earshot  to  anyone  but  me:  My  83-year-old  father  in  a  phone  call  asked, 
“Are  you  guys  getting  through  this  thing  OK?”What  he  was  really  asking 
was  whether  the  five  of  us  might  show  up  on  his  doorstep  clutching 


our  few  remaining  earthly  possessions.  I  assured  him  we  are  fine,  but 
he  nonetheless  felt  compelled  to  regale  me  with  another  round  of  sto¬ 
ries  about  how  his  family  coped  with  the  Great  Depression. 

Thanks  for  another  trip  to  the  amusement  park,  Dad. 

Different  ‘Joe  the  Plumber'  strikes  'Net  gold 

He  might  not  be  the  most  famous  plumber  in  America,  but  he  does 
own  the  most  suddenly  desirable  address  on  the  Internet. 

That  would  be  Joe  the  Plumber.  No,  not  that  Joe  the  Plumber  —  John 
McCain’s  Joe  Six-Pack,  but  rather  Joe  the  Plumber  from  Amarillo, Texas. 
That  Joe  owns  the  Web  site  joetheplummer.com. 

Driving  to  work  Thursday  morning  the  thought  occurred  that  some¬ 
one  must  have  owned  it . . .  although  1  was  ready  to  whip  out  the  credit 
card  if  not.  In  fact,  Amarillo  Joe  has  had  the  site  registered  with 
Network  Solutions  since  2004,  and, yes,  there  are  indications  as  I  type 
that  it  may  be  for  sale. 

Search  Engine  Land  was  quick  with  an  analysis  of  what  this  reflected 
fame  means  for  Amarillo  Joe,  in  particular,  and  plumbers  named  Joe  in 
general.  Bottom  line:They  had  better  have  sturdy  Web  servers. 

Wrote  Danny  Sullivan:"!  can  only  imagine  what  type  of  traffic  they’re 
getting  —  and  how  puzzled  they  were  if  they  noticed  a  spike  in  visits 
or  phone  calls.  In  fact,  when  I  twittered  about  this,  Shawn  Collins  twit¬ 
tered  back  that  one  of  them  (joetheplumber.com)  had  indeed  gotten 
offers  for  his  site  already’ 

One  more  thing  about  joetheplummer.com.  In  perusing  the  site,  1 
noticed  this  telling  indication  of  exactly  how  far  the  Internet  has 
seeped  into  everyday  American  life:  Amarillo’s  Joe  the  Plumber  has  a 
mailing  list.  It  features, “Breaking  news  about  our  business,  helpful  tips 
and  exclusive  special  offers.”  A  plumber,  a  mailing  list. 

Comments  and  motion-sickness  remedies  to  buzz@nww.com. 
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'E  THINKING  ABOUT  POWER  &  PERFORMANCE: 


If  knowledge  is  power,  then  managing  it  is  genius 


'$  a  simple  fact:  your  system  is  only  as  good  as  the  power  that  runs  it.  That's  why 
smart  power  management  is  crucial.  Enter  the  HP  Insight  Power  Manager,  which  gives 
you  the  ability  to  control  your  power  and  cooling  —  from  forecasting  needs  to  monitoring 
consumption  and  lowering  energy  use.  All  with  the  reliability  of  ProLiant  technology. 
So,  while  others  try  to  think  outside  the  box  — we're  rethinking  what  goes  on  inside  it. 

Technology  for  better  business  outcomes. 


Powered  by  the  Intel®  Xeon®  Processor 

Infrastructure-in-a-box  saves  you  time,  power 
and  money  by  reducing  repetitive  parts  and 
redundant  operations 
Improves  efficiency  by  managing  power 
and  cooling  as  a  resource 


•  Powered  by  the  Intel®  Xeon®  Processor 

•  Affordable,  modular  rack  systems  to  give 
your  IT  department  the  flexibility  to  expand 
with  your  business 

•  Ideal  for  general-purpose  solutions  and 
high-performance  computing 
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Xeon 


To  learn  more,  call  1-866-545-0292  or  visit  hp.com/servers/rethink33 


Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  of  Intel  Corporation  in  the  U.S.  and  other  countries. 

©  2008  Hewlett-Packard  Development  Company,  L.P.  The  information  contained  herein  is  subject  to  change  without  notice. 
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With  NetApp®  at  the  heart  of  your  business,  you  can 

FORTLESSLY  HOLD  YOUR  DATA 


at  a  fraction  of  the  cost  and  footprint. 


Imagine  storage  and  data  management  solutions  smart  enough  to  support  the  data  you  need,  and  not  a  lot  of  dead  weight. 

It’s  possible  when  you  partner  with  NetApp.  Our  industry-leading  solutions  use  deduplication  and  other  space-saving  techno  coos 
to  help  you  store  data  efficiently  and  reduce  your  footprint  by  50%  or  more.  So  you  can  manage  exponential  growth  while 
minimizing  your  storage  investment — all  with  the  support  of  a  team  that  will  exceed  your  expectations.  See  how  we  can  heip 
your  business  go  further,  faster.  Find  out  how  you  can  use  50%  less  storage,  guaranteed ,*  at  netapp.com/efficiency. 


NetApp 

Go  further,  faster 


©  2008  NetApp.  All  rights  reserved.  Specifications  are  subject  to  change  without  notice.  NetApp,  the  NetApp  logo,  and  Go  further,  faster  are  trademarks  or  registered  trademarks  of  NetApp,  Inc.  in  the  United 
States  and/or  other  countries.  All  other  brands  or  products  are  trademarks  or  registered  trademarks  of  their  respective  holders  and  should  be  treated  as  such.  ‘This  guarantee  and  related  Program  is  limited  to 
the  terms  set  forth  in  the  Program  Guide  and  Acknowledgement  For  50%  Virtualization  Guarantee  Program  document,  applicable  only  to  prospective  orders  placed  after  the  Program  effective  date  and  is  dependent 
upon  your  compliance  with  the  terms  and  conditions  set  forth  in  this  document  and  any  of  the  instruction  sets  and  specifications  set  forth  in  the  referenced  documents.  NetApp's  sole  and  exclusive  liability  and 
your  sole  and  exclusive  remedy  associated  with  the  terms  of  this  guarantee  and  related  Program  is  the  provision  by  NetApp  of  the  additional  storage  capacity  as  set  forth  in  this  guarantee  and  related  Program. 


